Open GoogleCodeExporter opened 9 years ago
Ummm... It's going to be a hell of a hack.
Original comment by alobbs
on 3 Dec 2008 at 4:49
I suggest me make something extremely pretty with respect to env variables.
Because I
presume it must be possible which ones are exported, opposed to do all.
Original comment by ste...@konink.de
on 3 Dec 2008 at 4:54
Yes... but it is really needed for us... We use FNMT certificates to grant
access in
our "Virtual Office" and Intranet server. Without it, we can't migrate our
servers to
Cherokee... :(
Original comment by skar...@gmail.com
on 3 Dec 2008 at 4:56
As I previously said.. your wish is my command! ;) We'll put it in place.
However, I do understand why Stefan is worried about it. Very few people will
use the feature, so we should
definitely make it optional. I completely agree on that.
Original comment by alobbs
on 3 Dec 2008 at 5:24
Thanks Álvaro! ;)
I agree. SSL information extraction is expensive, so the use of something like
"SSLOptions StdEnvVars" in Apache should be good. As a CGI handler property,
for example.
Original comment by skar...@gmail.com
on 3 Dec 2008 at 6:11
Yes; it will be a new property of handler_cgi_base.
Original comment by alobbs
on 3 Dec 2008 at 6:20
Any progress in this?
Thanks for the great work!
Original comment by joseba...@gmail.com
on 11 Dec 2009 at 3:48
Alvaro; can we cache the generation of the environment? So we do generate this
list once when TLS is enabled and an checkbox is found requiring these
settings? In that way we generate them once, and only if it is being used later
on.
Original comment by ste...@konink.de
on 14 Oct 2011 at 7:49
Stefan,
As in the rest of the cases where variables are being added, the idea is to
keep the list of variable names and values in memory, and whenever necessary
add them to the session. It's working in the same way in all the *CGI handlers,
for instance.
Trying to build the whole memory block would just save a handful of tiny
memcpy()s when a SSL session is created, which is basically nothing in
comparison to the overall work that it requires. Basically, it would not get
any perceptible benefit out of it, while the code would not be as clean.
Original comment by alobbs
on 14 Oct 2011 at 6:45
Original issue reported on code.google.com by
skar...@gmail.com
on 3 Dec 2008 at 4:43