From: William A. Rowe Jr Date: Thu, 30 May 2002 16:00:28 +0000 (+0000) Subject: Thanks for verifying these are valid, Doug. Now this [much shorter] X-Git-Tag: 2.0.37~163 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=29b8f27c87c93a06dc5f7a300919c04e1d06424a;p=apache Thanks for verifying these are valid, Doug. Now this [much shorter] list should be living in our STATUS file. Question of module maps and file layout is already off to the list. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95403 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index c2a743e6e0..ffea39d0be 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2002/05/30 06:02:15 $] +Last modified at [$Date: 2002/05/30 16:00:28 $] Release: @@ -393,14 +393,6 @@ RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it actually works) and add in a splash of Win9x service code. - * In order to use a DSO version of mod_ssl we have to link with - -lssl and -lcrypto. A workaround is in place right now where the - entire EXTRA_LIBS macro is being appended to the objects list, but - this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT - autoconf function or come up with some other autoconf checks to - search for libssl and libcrypto and properly add them to mod_ssl's - link flags. - * Fix the worker MPM to use POD to kill child processes instead of ap_os_killpg, regardless of how they should die. (Ryan Bloom) @@ -411,6 +403,52 @@ RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: Message-ID: +TODO ISSUES REMAINING IN MOD_SSL: + + * In order to use a DSO version of mod_ssl we have to link with + -lssl and -lcrypto. A workaround is in place right now where the + entire EXTRA_LIBS macro is being appended to the objects list, but + this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT + autoconf function or come up with some other autoconf checks to + search for libssl and libcrypto and properly add them to mod_ssl's + link flags. + + * SSL renegotiations in combination with POST request + + * Port or dispose all code inside #if 0...#endif blocks that remain + from the porting effort. + + * Do we need SSL_set_read_ahead()? + + * the ssl_expr api is NOT THREAD SAFE. race conditions exist: + -in ssl_expr_comp() if SSLRequire is used in .htaccess + (ssl_expr_info is global) + -is ssl_expr_eval() if there is an error + (ssl_expr_error is global) + + * SSLRequire directive (parsing of) leaks memory + + * Diffie-Hellman-Parameters for temporary keys are hardcoded in + ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says: + "it is suggested that keys be changed daily or every 500 + transactions, and more often if possible." + + * ssl_var_lookup could be rewritten to be MUCH faster + + + * CRL callback should be pluggable + + * session cache store should be pluggable + + * init functions should return status code rather than ssl_die() + + * ssl_engine_pphrase.c needs to be reworked so it is generic enough + to also decrypt proxy keys + + * the shmcb code should just align its memory segment rather than + jumping through all the "safe" memcpy and memset hoops + + EXPERIMENTAL MODULES: Experimental modules should eventually be be promoted to fully supported status or removed from the repository entirely (ie, the