On Wed, Sep 29, 2010 at 11:07:14PM +0200, Stefan Fritsch wrote: > On Wednesday 29 September 2010, Nick Kew wrote: > > It's been sitting in my to-do list to review mod_ssl's expression > > parser, and see if we can't substitute ap_expr - with updates to > > the latter if necessary. > > > > Any thoughts on whether that would work based on your look at it? > > From a technical point of view I see no reason why it would not work. > But it would mean to either make the syntax of ap_expr match exactly > the syntax of ssl_expr or to break backward compatibility in > SSLRequire. I am not sure either makes sense. > > Maybe it would be better to keep both in 2.4 and throw out ssl_expr in > 3.0?
"Require expr" is close enough to SSLRequire if ap_expr grew documentation and SSL variable lookup, by the looks of it. The only thing missing then is PeerExtList() which would make sense to do via Lua, really; it's inflexible and awkward in SSLRequire already. I'd be more than happy to see that done in 2.4. The ap_expr API is still as fugly as when I reviewed it way back; lacks namespace-safety, lacks docs, exposure of parser internals is awful, etc. Is nobody planning to clean this up before 2.4? Regards, Joe
