On Thu, Dec 12, 2002 at 01:08:08AM -0600, William Rowe wrote:
> My proposed solution is to review the patch and apply it to cvs HEAD. Get it
> committed. Of course there are no test suites right now, and there won't be
> for a little while yet. But once the code exists, it will be simpler to keep the
> SSL upgrade facility maintained, and debug it as the clients become available
> (most especially, libwww exercises through perl-framework.)
I think there were a couple of mistakes in the patch:
> --- modules/ssl/ssl_engine_io.c 23 Nov 2002 21:19:03 -0000 1.101
> +++ modules/ssl/ssl_engine_io.c 12 Dec 2002 07:06:46 -0000
> @@ -1181,6 +1181,84 @@
> return APR_SUCCESS;
> }
>
> +static apr_status_t ssl_io_filter_Upgrade(ap_filter_t *f,
> + apr_bucket_brigade *bb)
> +
> +{
> +#define SWITCH_STATUS_LINE "101 Switching Protocols"
Should be "HTTP/1.1 101 Swiching Protocols" unless the prefix is added
somewhere I missed, otherwise this isn't a valid status-line.
> +#define UPGRADE_HEADER "Upgrade: TLS/1.0 HTTP/1.1"
> +#define CONNECTION_HEADER "Conenction: Upgrade"
Spot the typo :)
> + connection = apr_table_get(r->headers_in, "Connection");
> +
> + apr_table_unset(r->headers_out, "Upgrade");
> +
> + if (strcmp(connection, "Upgrade") || strcmp(upgrade, "TLS/1.0")) {
> + return ap_pass_brigade(f->next, bb);
> + }
I don't think the requirement that the client sends exactly "Connection:
Upgrade" is correct; the only requirement here is on the client to send
a Connection header including the "upgrade" token.
joe
