Hi,
I just tried to start apache with ssl in a test directory, with a common
configuration file which can be used for test and production.
The test server must be using a non-privileged port, and should
be startable by non-root. Usually, all that is required for this is
/usr/local/apache/bin/httpd -DSSL -Dtesting
and a manually modified configuration file.
There exist configuration directives for everything which is ServerRoot
relative. Thus I can say in the httpd.conf file,...
<IfDefine testing>
Port 8000
TransferLog /tmp/access_log
</IfDefine>
<IfDefine !testing>
Port 80
TransferLog logs/access_log
</IfDefine>
These directives include ScriptLog,ErrorLog,TransferLog,CustomLog,
SSLLog,PidFile,ScoreBoardFile,SSLSessionCache,SSLMutex, and others.
But I noticed that apache+mod_ssl has the following design flaw, and
therefore cannot be used in this manner (unless you omit MM support).
In apache.../src/main/alloc.c, we find:
mm_path = ap_server_root_relative(permanent_pool,
ap_psprintf(permanent_pool, "%s.%ld",
EAPI_MM_CORE_PATH, (long)getpid()));
This path is *HARDWIRED* to be part of the ServerRoot, because there is
no directive which would allow to override the constant EAPI_MM_CORE_PATH.
We are talking about production servers here; of course I can recompile
the server, but that is no option when the binary has been built
already.
Please: make this path configurable! I was thinking of something like
MMLockDir logs/
Or what do you think?
Martin
--
<[EMAIL PROTECTED]> | Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-41143 | 81730 Munich, Germany
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
