William A. Rowe, Jr. wrote:
Jeff Trawick wrote:
On 6/13/06, david reid <[EMAIL PROTECTED]> wrote:
The attached patch is a first pass at getting some support for using
openssl directly for ssl sockets within APR. I've tried to be generic in
the basic configure code, but the actaul guts are basically openssl
related.
What about an I/O layering system for sockets? This is in essence the
set of function pointers used by the one true sockets API to call out
to the details, as mentioned in other posts.
Only one question. If we are back to BUFF filtering from Apache 1.3, can
we at least go back to history and look at why it was replaced by
filtering?
(Or would lurkers care to speak up?)
FWIW, I posted the apr_iol patch many years ago (perhaps to new-httpd) but for the life of me I cannot find it
in the archives. It still needed a good deal of work to make it 'production' ready. Looking at this from an
Apache HTTPD perspective, the main problem I see with David's patch is that it would require modifications to
(or replacement of) the CORE_IN and CORE_OUT filters to add SSL support. The main value of the apr_iol was
that you could make all semantically similar i/o operations (ie, HTTP and HTTPS) use the exact same API.
Using apr_iol, it was possible to push an SSL socket into the IOL w/o modifying either CORE_IN or CORE_OUT.
If I recall correctly, an IOL only added a single pointer redirection to the code path. apr_iol solved a very
specific problem (proliferation of semantically similar APIs) and I was never an advocate of using IOLs as a
generic filtering mechanism.
BTW, hello David, Jeff, Will, Justin and all. It's been a while since I've raised my head up around here. Hope
to see everyone at the Austin Con this year. Lot's of beers to catch up on ;-)
Bill
