----- "William A. Rowe Jr." <[email protected]> wrote: > Actually, the apr_ function calls involved have not been approved for > release, > so I'd suggest this module is inappropriate for GA until that API is > accepted > (and clearly it's received minimal and insufficient review, which is > completely > unacceptable for a crypto interface in particular :)
I think a simple way to get more reviews is to build and put something on-line that enough people find attractive to exploit ;) > For example, if 2.4.0 is shipped with a call to apr_crypto_error with > three > arguments, when the correct API takes two arguments (ctx and err, > dropping > the 1st driver argument), then it will make no sense when someone > attempts to > actually build the module. It seems stupid to ship such code in a GA > release. I'm concerned that by not shipping it, we're losing a lot of useful functionality: http://httpd.apache.org/docs/trunk/mod/mod_auth_form.html > svn rm'ing it once 2.3 is forked from trunk seems appropriate. Adding > it back > when apr-util 1.4 (or apr 2) is released would be trivial. That okay after going GA? i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: [email protected] URL: http://brainsware.org/
