Re: httpd and OpenSSL 1.0.2

2015-06-05 Thread Michael Felt
Along the lines of "to be continued" - IMHO httpd should be one of the early adopters of not allowing linkage to versions of openssl that cannot support TLS1.2. I have built (on AIX) against libreSSL (v2.1.6) with some private additions for AIX (that will be verified and improved upon by openbsd i

Re: ALPN patch comments

2015-06-05 Thread Stefan Eissing
> Am 05.06.2015 um 01:37 schrieb Yann Ylavic : > > On Fri, Jun 5, 2015 at 1:03 AM, Roy T. Fielding wrote: >> >> Hence, we might need a configurable way to ignore a client's ALPN, though I >> doubt that >> "SSLalpn off" is the right way to express that. Likewise, neither is >> SSLAlpnPreferen

Re: SO_REUSEPORT

2015-06-05 Thread Eric Covener
I'm trying to review & understand how this affects process management for things like MinSpareThreads/MaxSpareThreads e.g. -else if (idle_thread_count < min_spare_threads) { +else if (idle_thread_count < min_spare_threads / num_buckets) { /* terminate the free list */ if

Re: ALPN patch comments

2015-06-05 Thread Eric Covener
On Fri, Jun 5, 2015 at 8:39 AM Stefan Eissing wrote: > > > Am 05.06.2015 um 01:37 schrieb Yann Ylavic : > > > > On Fri, Jun 5, 2015 at 1:03 AM, Roy T. Fielding > wrote: > >> > >> Hence, we might need a configurable way to ignore a client's ALPN, > though I doubt that > >> "SSLalpn off" is the ri

Re: SO_REUSEPORT

2015-06-05 Thread Yann Ylavic
On Fri, Jun 5, 2015 at 5:11 PM, Eric Covener wrote: > I'm trying to review & understand how this affects process management for > things like MinSpareThreads/MaxSpareThreads e.g. > > -else if (idle_thread_count < min_spare_threads) { > +else if (idle_thread_count < min_spare_threads / num_