[ http://issues.apache.org/jira/browse/MODPYTHON-94?page=comments#action_12358844 ]
Deron Meranda commented on MODPYTHON-94: ---------------------------------------- Graham said: "Can Apache be built without HTTPS support? Does this patch still work and does it gracefully fail or give negative results if this is the case? I would not want to see changes which require Apache to be built in a certain way. " Yes, the attached patches do reasonable things if mod_ssl is not available. Nothing else in Apache or other modules is affected. When mod_ssl is not available, then req.is_https() will return False, and the req.ssl_var() will always return None. As for any other way to do this in general, that would be great! However I had at least a real need to get to these specific SSL functions because there just is no other way to do this purely within mod_python; and I think it a reasonable expectation that an AuthHandler could at least determine if the connection is over SSL or not (I don't consider checking the port number a sufficient check). For completeness I also raised this issue with the mod_ssl folks to see if it could be solved on their side. They rejected it--see http://issues.apache.org/bugzilla/show_bug.cgi?id=37551 > Calling APR optional functions provided by mod_ssl > -------------------------------------------------- > > Key: MODPYTHON-94 > URL: http://issues.apache.org/jira/browse/MODPYTHON-94 > Project: mod_python > Type: New Feature > Components: core > Versions: 3.2 > Environment: Apache 2 > Reporter: Deron Meranda > Attachments: modpython4.tex.patch, requestobject.c.patch > > mod_python is not able to invoke APR Optional Functions. There are > some cases however where this could be of great benifit. > For example, consider writing an authentication or authorization handler > which needs to determine SSL properties (even if to just answer the > simple question: is the connection SSL encrypted). The normal way of > looking in the subprocess_env for SSL_* variables does not work in those > early handler phases because those variables are not set until the fixup > phase. > The mod_ssl module though does provide both a ssl_is_https() and > ssl_var_lookup() optional functions which can be used in earlier > phases. For example look at how mod_rewrite calls those; using > the APR_DECLARE_OPTIONAL_FN and APR_RETRIEVE_OPTIONAL_FN > macros. > I can see how it might be very hard to support optional functions in > general because of the C type linkage issue, but perhaps a select few > could be coded directly into mod_python. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
