In real life, I don't believe this is detrimental, since if the accf_http filter sees data it doesn't understand, it acts just like accf_data -- and mod_ssl reads the data just like normal.
Hrm.. I am not sure I am convinced of that based on what I have seen on some misconfigured Apache1 servers.
There was a thread discussing refactoring of how accept filters and
TCP_DEFER_ACCEPT should be applied, but the root problem is that we do
not know that a socket is SSL, until after we have accept()'ed that
socket.
Ah, in Apache1 that isn't a problem. I can see how that complicates things in Apache2.
-Rasmus
