That is why mod_h2 allowe H2Engine on|off on base server and vhosts. If I
understand you correctly, this does what you ask for.
//Stefan
Am 03.06.2015 um 19:45 schrieb William A Rowe Jr wr...@rowe-clan.net:
On Wed, Jun 3, 2015 at 8:43 AM, Stefan Eissing
stefan.eiss...@greenbytes.de
I tested the lined patch on a 2.4.x checkout with mod_h2 on OS X 10.10 and
openssl 1.0.2. All my tests ran fine.
//Stefan
Am 02.06.2015 um 16:56 schrieb Eric Covener cove...@gmail.com:
Can you test the latest rev of the backport candidate?
I tried to reconcile your patch with your svn log entry and I failed.
Could you either correct or explain further?
TIA,
Bill
On Jun 2, 2015 12:40 AM, jaillet...@apache.org wrote:
Author: jailletc36
Date: Tue Jun 2 05:40:57 2015
New Revision: 1683044
URL: http://svn.apache.org/r1683044
On Wed, Jun 3, 2015 at 3:43 PM, Stefan Eissing
stefan.eiss...@greenbytes.de wrote:
If a client sends ALPN information in its hello, it certainly can expect an
answer from the server.
Since in absence of any other modules, the httpd will do „http/1.1“, I think
that is a reasonable response.
On 06/03/2015 03:43 PM, Stefan Eissing wrote:
Hmm, personally, I do not like redundant configurations. If someone configures
a module, like mod_h2, to be enabled (H2Engine on), she could expect the module
to take all the necessary steps. So I am no fan of a „SSLAlpnEnable“.
If a client sends
On Wed, Jun 3, 2015 at 3:43 PM, Stefan Eissing
stefan.eiss...@greenbytes.de wrote:
Hmm, personally, I do not like redundant configurations. If someone
configures a module, like mod_h2, to be enabled (H2Engine on), she could
expect the module to take all the necessary steps. So I am no fan of
I wonder if registering the ssl_callback_alpn_select callback
inconditionally could break some clients.
Are those (ALPN ready) always negociate http/1.1?
Otherwise we could check for sc-server-ssl_alpn_pref-nelts 0 (or
a dedicated SSLAlpnEnable) beforing using
SSL_CTX_set_alpn_select_cb().
In
Hmm, personally, I do not like redundant configurations. If someone configures
a module, like mod_h2, to be enabled (H2Engine on), she could expect the module
to take all the necessary steps. So I am no fan of a „SSLAlpnEnable“.
If a client sends ALPN information in its hello, it certainly can
I additionally tested today on Ubuntu 14.04 LTS. Works for me.
Am 03.06.2015 um 12:56 schrieb Stefan Eissing stefan.eiss...@greenbytes.de:
I tested the lined patch on a 2.4.x checkout with mod_h2 on OS X 10.10 and
openssl 1.0.2. All my tests ran fine.
//Stefan
Am 02.06.2015 um 16:56
On Wed, Jun 3, 2015 at 4:45 PM, Yann Ylavic ylavic@gmail.com wrote:
This means enabling ALPN only if SSLALPNPreference is used.
Something like below :
Index: modules/ssl/mod_ssl.c
===
--- modules/ssl/mod_ssl.c(revision
Hmm, I cannot test this today since I am travelling.
If Jim wants to tag 2.5.13 this week, then either the current v4 patch makes it
in, or we need to postpone this. A changed patch on which my module (and
possibly others) chokes on, will not serve anyone I assume.
As with the don't send NPN
With the current (master) code of mod_h2, you'd probably need
something like the attached patch to handle a possible failure in
modssl_register_alpn(), because SSLALPNPreference was not configured
(as per my proposed mod_ssl patch).
On Wed, Jun 3, 2015 at 5:16 PM, Stefan Eissing
On Wed, Jun 3, 2015 at 8:43 AM, Stefan Eissing stefan.eiss...@greenbytes.de
wrote:
Hmm, personally, I do not like redundant configurations. If someone
configures a module, like mod_h2, to be enabled (H2Engine on), she could
expect the module to take all the necessary steps. So I am no fan of
On 6/3/2015 1:02 PM, Yann Ylavic wrote:
On Wed, Jun 3, 2015 at 7:55 PM, Jacob Champion jacob.champ...@ni.com wrote:
In your opinion, is this worth filing a bug report over?
That would probably help to remember that there is a request for it ;)
Done:
Yann,
On 6/2/2015 3:19 PM, Yann Ylavic wrote:
A workaround today is (as you did) to use the child_init hook
registered with APR_HOOK_REALLY_LAST, so that it is called after all
the others.
Great, that should help mitigate the risk for now; thank you! (Thanks to
Nick as well for his similar
On Wed, Jun 3, 2015 at 7:55 PM, Jacob Champion jacob.champ...@ni.com wrote:
In your opinion, is this worth filing a bug report over?
That would probably help to remember that there is a request for it ;)
Regards,
Yann.
16 matches
Mail list logo