Plüm wrote: > I think the SSL problem is caused by throwing away the conn_rec > entry for the backend and create a new one for each request. > That does not sound right, but I admit that keeping it must be > carefully examinated due to several possible issues. Two > that I can see immeditately are: > > 1. memory pools > 2. filters > > For me that puts the question on the table if using "fake" request_rec > and conn_rec structures for the backend connections is really a good > idea. This "misuse" already leads to problems in other areas. > But reworking this will take much time and work and is only mid to > long term. Might be easier if we have a http / https client library > as part of httpd or apr-util.
Something like this maybe: http://svn.webdav.org/repos/projects/serf/trunk/ It started out to become apr-serf, made a jump to the short-lived Commons, and ended up at webdav.org. There is a current effort by Justin Erenkrantz to get Serf completed, or at least complete enough to complete ra_serf, a Subversion remote access library. I expect that with a couple of months the churn is gone, and its API stable enough to use here in HTTP Server land. Sander