On 6/13/06, david reid <[EMAIL PROTECTED]> wrote:
The attached patch is a first pass at getting some support for using openssl directly for ssl sockets within APR. I've tried to be generic in the basic configure code, but the actaul guts are basically openssl related.
What about an I/O layering system for sockets? This is in essence the set of function pointers used by the one true sockets API to call out to the details, as mentioned in other posts. The application can push an SSL layer (insert structure of function pointers) or tracing layer or something else on the socket. The details of SSL or tracing or whatever stay separate from the basic socket I/O performed by the existing apr network I/O package. In some cases, layers can be used by other components without forethought by the socket creator. With httpd as an example: MPM does an accept on a socket; SSL module pre-connection hook runs, determines that the vhost is SSL-enabled and pushes an SSL I/O layer onto the socket. Normal core input/output filter is used even for SSL. Trace module pre-connection hook runs, determines that connection is selected for I/O trace, and pushes a trace I/O layer onto the socket.
