> Am 25.04.2015 um 11:47 schrieb Kaspar Brand <httpd-dev.2...@velox.ch>: > > On 22.04.2015 18:54, Jim Jagielski wrote: >>> For me the time seems right to rip NPN out of trunk and only backport >>> the ALPN code to 2.4. >>> >> >> I'd be +1 for that. > > So, to get one step further, and since there were no explicit objections > to removing NPN support so far (or arguments for keeping it, FWIW), I > went ahead and took a stab at this with r1676004. > > Only tested in terms of "compiles both w/ and w/o HAVE_TLS_ALPN", so it > certainly needs more eyes before a backport proposal could be made. > There's also a "TODO: we should have a mod_ssl configuration parameter" > in ssl_engine_kernel.c which I'm unsure to what it refers.
The „TODO“ is a leftover from before SSLAlpnPreference was introduced. It can be removed. I diff’ed the current mod_ssl against the 2.4 branch, removed everything but he ALPN changes and made a patch for my sandbox. This works on my OS X with mod_h2. My Ubuntu sandbox is still resisting as some test clients still link the system ssl which only speaks NPN (or link against a lib_event that links against the system openssl). It’s a mess. Stefan > > Kaspar <green/>bytes GmbH Hafenweg 16, 48155 Münster, Germany Phone: +49 251 2807760. Amtsgericht Münster: HRB5782