> One Nov. 12, Ryan committed a patch creating the create_conn hook. The > idea was to move > the client_socket out of the conn_rec presumably to make available only to > the core_in and > core_out filters. However, I just found a backdoor... > > In core_create_conn() the socket is saved away thusly: > ap_set_module_config(net->c->conn_config, &core_module, csd); > > And whoever needs to access the socket does this: > apr_socket_t *csd = ap_get_module_config(f->c->conn_config, &core_module);
That hack was added because the proxy does the completely wrong thing with regard to handing sockets. In order to finish the Nov. 12 patch, I need to rip a lot of logic out of the proxy and re-implement, which I haven't had time to do recently. The only other module that should use the get_module_config hack is the perchild module, which is also doing to completely wrong thing with regard to sockets, but I haven't had time to fix that one either. > So the goal of hiding the socket is completely blown. The Nov. 11 change > added a lot of > complexity to the server (hard to read/understand code) in pursuit of a > goal that is then > immediately circumvented by the ap_get|set_module_config. So we made the > server more > complex for no reason. It actually isn't blown. Try writing a module that implements a non TCP socket, and it will work as long as you don't use the proxy or the perchild module. As proof, look at the fact that the Unix MPMs have been using that mechanism to handle the pipe_of_death. This allowed me to remove the ugly hacks at the beginning of the accept loop, which checked for the POD. Also, a big portion of the Nov 12 patch was to consolidate the accept functions for Unix and BeOS, which has meant far less duplicated code in the server. > I am on the verge of vetoing the Nov. 12 patch in favor of moving the > client_socket back > into the con_rec. > > Comments? Please don't let two mis-behaved modules color your judgment on this. Both proxy and perchild must be re-written if they are going to be clean, and once that is done the stupid set_module_config can be removed. In fact, the server ran for over a day without the set_module_config, but that broke the proxy, so I added the hack to allow the proxy to continue to work, while I worked to solve the underlying problem. Unfortunately, work and some extracurricular activities have stopped me from contributing much code recently. Hopefully, I will have time to code again soon. Ryan
