Re: SSLSrvConfigRec shared

2017-12-23 Thread Yann Ylavic
On Sat, Dec 23, 2017 at 3:53 PM, Stefan Eissing wrote: > > I think this really is a bug in our runtime. The flag was invented > just for precaution, in case a module would rely on the no-copy > behaviour. That is really close to saying: we will not fix > any more

Re: SSLSrvConfigRec shared

2017-12-23 Thread Eric Covener
> I think this really is a bug in our runtime. The flag was invented > just for precaution, in case a module would rely on the no-copy > behaviour. That is really close to saying: we will not fix > any more bugs in 2.4.x as someone could rely on it. I don't think this bit is fair. Every config

Re: SSLSrvConfigRec shared

2017-12-23 Thread Stefan Eissing
> Am 23.12.2017 um 12:34 schrieb Yann Ylavic : > > On Sat, Dec 23, 2017 at 9:00 AM, Nick Kew wrote: >> On Sat, 2017-12-23 at 08:20 +0100, Stefan Eissing wrote: >> Ugh. Fine for trunk, but that's a lot of complexity to foist on a stable branch.

Re: SSLSrvConfigRec shared

2017-12-23 Thread Yann Ylavic
On Sat, Dec 23, 2017 at 9:00 AM, Nick Kew wrote: > On Sat, 2017-12-23 at 08:20 +0100, Stefan Eissing wrote: > >> > Ugh. Fine for trunk, but that's a lot of complexity to foist on >> > a stable branch. A module would not only need to check MMN, >> > but also implement fallback

Re: SSLSrvConfigRec shared

2017-12-23 Thread Nick Kew
On Sat, 2017-12-23 at 08:20 +0100, Stefan Eissing wrote: > > Ugh. Fine for trunk, but that's a lot of complexity to foist on > > a stable branch. A module would not only need to check MMN, > > but also implement fallback behaviour if there are no flags. > > So why not KISS and stick with that

Re: SSLSrvConfigRec shared

2017-12-22 Thread Stefan Eissing
> Am 22.12.2017 um 23:31 schrieb Nick Kew : > > On Thu, 21 Sep 2017 08:11:17 -0400 > Eric Covener wrote: > >> IIUC it should be safe to extend module_struct with a minor bump to >> add 'int flags' to the bottom, but when you check the value you'd need >> to

Re: SSLSrvConfigRec shared

2017-12-22 Thread Nick Kew
On Thu, 21 Sep 2017 08:11:17 -0400 Eric Covener wrote: > IIUC it should be safe to extend module_struct with a minor bump to > add 'int flags' to the bottom, but when you check the value you'd need > to check the MMN first. In the module you'd then just have some flags > or'ed

Re: SSLSrvConfigRec shared

2017-09-22 Thread Yann Ylavic
I added the 'flags' getter in r1809311, much cleaner, thanks! On Fri, Sep 22, 2017 at 2:48 PM, Eric Covener wrote: > Whoops I see you already folllowed it up. > > On Fri, Sep 22, 2017 at 8:46 AM, Eric Covener wrote: >> On Fri, Sep 22, 2017 at 8:11 AM, Yann

Re: SSLSrvConfigRec shared

2017-09-22 Thread Stefan Eissing
posticipate - realizing, while one writes a reply, that Yann has probably already implemented it. X-) > Am 22.09.2017 um 14:48 schrieb Eric Covener : > > Whoops I see you already folllowed it up. > > On Fri, Sep 22, 2017 at 8:46 AM, Eric Covener wrote:

Re: SSLSrvConfigRec shared

2017-09-22 Thread Eric Covener
Whoops I see you already folllowed it up. On Fri, Sep 22, 2017 at 8:46 AM, Eric Covener wrote: > On Fri, Sep 22, 2017 at 8:11 AM, Yann Ylavic wrote: >> On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: >>> On Thu, Sep 21, 2017 at

Re: SSLSrvConfigRec shared

2017-09-22 Thread Eric Covener
On Fri, Sep 22, 2017 at 8:11 AM, Yann Ylavic wrote: > On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: >> On Thu, Sep 21, 2017 at 8:44 AM, Yann Ylavic wrote: >>> On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener

Re: SSLSrvConfigRec shared

2017-09-22 Thread Yann Ylavic
On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: > On Thu, Sep 21, 2017 at 8:44 AM, Yann Ylavic wrote: >> On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener wrote: >>> >>> IIUC it should be safe to extend module_struct with a minor bump

Re: SSLSrvConfigRec shared

2017-09-22 Thread Stefan Eissing
The patches look great! Will test on next occasion! Thanks! :) > Am 22.09.2017 um 14:02 schrieb Yann Ylavic : > > On Thu, Sep 21, 2017 at 2:54 PM, Yann Ylavic wrote: >> On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: >>> On

Re: SSLSrvConfigRec shared

2017-09-22 Thread Yann Ylavic
On Thu, Sep 21, 2017 at 2:54 PM, Yann Ylavic wrote: > On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: >> On Thu, Sep 21, 2017 at 8:44 AM, Yann Ylavic wrote: >>> On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener

Re: SSLSrvConfigRec shared

2017-09-21 Thread Yann Ylavic
On Thu, Sep 21, 2017 at 2:51 PM, Eric Covener wrote: > On Thu, Sep 21, 2017 at 8:44 AM, Yann Ylavic wrote: >> On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener wrote: >>> >>> IIUC it should be safe to extend module_struct with a minor bump

Re: SSLSrvConfigRec shared

2017-09-21 Thread Eric Covener
On Thu, Sep 21, 2017 at 8:44 AM, Yann Ylavic wrote: > On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener wrote: >> >> IIUC it should be safe to extend module_struct with a minor bump to >> add 'int flags' to the bottom, but when you check the value you'd need

Re: SSLSrvConfigRec shared

2017-09-21 Thread Yann Ylavic
On Thu, Sep 21, 2017 at 2:11 PM, Eric Covener wrote: > > IIUC it should be safe to extend module_struct with a minor bump to > add 'int flags' to the bottom, but when you check the value you'd need > to check the MMN first. In the module you'd then just have some flags > or'ed

Re: SSLSrvConfigRec shared

2017-09-21 Thread Eric Covener
On Thu, Sep 21, 2017 at 7:42 AM, Stefan Eissing wrote: > >> Am 21.09.2017 um 13:35 schrieb Eric Covener : >> >> On Thu, Sep 21, 2017 at 7:00 AM, Yann Ylavic wrote: >>> On Thu, Sep 21, 2017 at 11:48 AM, Stefan Eissing >>>

Re: SSLSrvConfigRec shared

2017-09-21 Thread Stefan Eissing
> Am 21.09.2017 um 13:35 schrieb Eric Covener : > > On Thu, Sep 21, 2017 at 7:00 AM, Yann Ylavic wrote: >> On Thu, Sep 21, 2017 at 11:48 AM, Stefan Eissing >> wrote: >>> Am 21.09.2017 um 11:37 schrieb Yann Ylavic

Re: SSLSrvConfigRec shared

2017-09-21 Thread Eric Covener
On Thu, Sep 21, 2017 at 7:00 AM, Yann Ylavic wrote: > On Thu, Sep 21, 2017 at 11:48 AM, Stefan Eissing > wrote: >> >>> Am 21.09.2017 um 11:37 schrieb Yann Ylavic : >>> >>> If the module defines its own

Re: SSLSrvConfigRec shared

2017-09-21 Thread Yann Ylavic
On Thu, Sep 21, 2017 at 11:48 AM, Stefan Eissing wrote: > >> Am 21.09.2017 um 11:37 schrieb Yann Ylavic : >> >> If the module defines its own server_config_create() which allocates >> one, each vhost will have its own, and the module's >>

Re: SSLSrvConfigRec shared

2017-09-21 Thread Stefan Eissing
> Am 21.09.2017 um 11:37 schrieb Yann Ylavic : > > Hi Stefan, > > On Wed, Sep 20, 2017 at 2:06 PM, Stefan Eissing > wrote: >> >>> Am 20.09.2017 um 12:33 schrieb Yann Ylavic : >>> >>> On Wed, Sep 20, 2017 at 12:09 PM,

Re: SSLSrvConfigRec shared

2017-09-21 Thread Yann Ylavic
Hi Stefan, On Wed, Sep 20, 2017 at 2:06 PM, Stefan Eissing wrote: > >> Am 20.09.2017 um 12:33 schrieb Yann Ylavic : >> >> On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing >> wrote: >>> >>> Is there some better

Re: SSLSrvConfigRec shared

2017-09-20 Thread Stefan Eissing
> Am 20.09.2017 um 12:33 schrieb Yann Ylavic : > > On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing > wrote: >> >> Is there some better way? > > I would go with the usual/unconditional per server config (and hence > merging), trade

Re: SSLSrvConfigRec shared

2017-09-20 Thread Yann Ylavic
On Wed, Sep 20, 2017 at 12:09 PM, Stefan Eissing wrote: > > Is there some better way? I would go with the usual/unconditional per server config (and hence merging), trade simplicity vs a few memory space... Regards, Yann.

SSLSrvConfigRec shared

2017-09-20 Thread Stefan Eissing
mod_ssl's server_rec configurations (SSLSrvConfigRec) are shared between vhost and base server *iff* there are no SSL* directives used inside a VirtualHost. This is not really a good idea since mod_ssl modifies these recs in its post_config hook. This looks currently harmless, e.g. setting