Checkout
 

rse in httpd

update my entry

update my entry

change my Occupation

Avoid uninitialized variable due to still disabled code

Update TODO list

Apply mod_ssl MEGA porting patch. This is a cleaned up version of the

latest patches from Madhusudan which makes mod_ssl 95% working inside

Apache 2.0. There is still a lot of more work (both porting and cleanup)

to do be done. See modules/ssl/README for details.

Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>

  1. … 3 more files in changeset.
Remember current porting state

Merge in part II of a set of mod_ssl porting changes.

Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>

Merge in part of a set of mod_ssl porting changes.

Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>

mod_ssl status

Fix todo list

Port ssl_util.c stuff to APR.

Port ssl_util_table.[ch] to Apache 2.0 by just removing all platform

depended code (table_read, table_write). This is possible because this

table library is local to mod_ssl and inside mod_ssl this library is

used for manipulating hash tables inside shared memory segments only. So

we can just get rid of the unportable parts at all.

Port ssl_util_ssl.[ch] stuff to APR.

Use different namespace for internal defines.

Port ssl_engine_ds.c to APR.

Nothing to port for ssl_engine_dh.c except that

SSL_LIBRARY_VERSION has to be already available.

Remember which code parts are already ported...

Kick out all old mutex code and base SSLMutex on APR locks.

Change mostly all old module structure hooks and EAPI hooks to

ap_hook_xxx equivalents. More work has to be done here to clean all this

up and reduce to a minimum...

Axe writev(2) support from the SSL I/O layer because in Apache 2.0 we no

longer handle the bottom line of I/O ourself. Additionally this again

simplifies mod_ssl's I/O part for later transition to mod_tls's approach

with buckets.

Axe most WIN32 stuff from Apache 1.3. In Apache 2.0 we either use APR

later for this or we don't do it at all. But we certainly no longer want

to see any platform specific things inside a module.

Axe out SSL_CONSERVATIVE stuff which for Apache 1.3 did I/O data

pre-sucking on POST requests and I/O re-injection in case of SSL

renegotiations. This all either cannot be solved any longer or at least

has to be implemented totally different through I/O layering/filtering.

Remove one more EAPI-based thing we no longer really need.

remove remaining references to compat and sdbm

compat and local sdbm stuff is already gone

Axe out SSL_USE_SDBM stuff, i.e., get rid of the local SDBM copy and use

APR's DBM API instead. The remaining question just is whether APR's DBM

allows "larger" things like SSL sessions to be stored...

Axe out the complete SSL_COMPAT stuff. Because Apache 2.0 is already

incompatible at many places to Apache 1.3 we also don't want this stuff

anymore. Apache 2.0's mod_ssl will be mostly compatibile with Apache

1.3's mod_ssl, of course. But we really no longer want to be compatible

to Sioux and other obsolete SSL things...

Start writing down incompatibilities to mod_ssl 2.x from Apache 1.3.

Our general goal is to axe down mod_ssl to a minimum, because what we

don't have anymore we don't have to port and as simpler mod_ssl becomes.

Nevertheless we will try to minimize incompatibilities if possible.

Axe out EAPI-based SSL_VENDOR stuff.

If we want this later again, we have to do it differently anyway. So,

for now we try to strip down mod_ssl as heavy as possible and hence we

kick out this stuff at all.