diff options
author | Paul Querna | 2005-04-06 05:25:21 +0000 |
---|---|---|
committer | Paul Querna | 2005-04-06 05:25:21 +0000 |
commit | 6af4f7471c1302f1a936f774d796d33884e6de8e (patch) | |
tree | 19f98bdec6d73da6520d25f92db5529ca5ee55e0 /README | |
parent | 42307a9120b12fa5eb6fe1b316ef521ae46dbeb9 (diff) |
working on a release.. really!
Diffstat (limited to 'README')
-rw-r--r-- | README | 60 |
1 files changed, 60 insertions, 0 deletions
@@ -0,0 +1,60 @@ | |||
1 | mod_gnutls | ||
2 | |||
3 | This module started back in September of 2004 because I was tired of trying to | ||
4 | fix bugs in mod_ssl. mod_ssl is a giant beast of a module -- no offense to it's | ||
5 | authors is intended -- but I believe it has fallen prey to massive feature bloat. | ||
6 | |||
7 | When I started hacking on httpd, mod_ssl remained a great mystery to me, and | ||
8 | when I actually looked at it, I ran away. The shear ammount code is huge, and it | ||
9 | does not conform to the style guidelines. It was painful to read, and even harder | ||
10 | to debug. I wanted to understand how it worked, and I had recently heard about | ||
11 | GnuTLS, so long story short, I decided to implement a mod_gnutls. | ||
12 | |||
13 | Lines of Code in mod_ssl: 15,324 | ||
14 | Lines of Code in mod_gnutls: 1,886 | ||
15 | |||
16 | Because of writing mod_gnutls, I now understand how input and output filters work, | ||
17 | better than I ever thought possible. It was a little painful at times, and some parts | ||
18 | lift code and ideas directly from mod_ssl. Kudos to the original authors of mod_ssl. | ||
19 | |||
20 | ---------------------------- | ||
21 | |||
22 | Author: Paul Querna <chip force-elite.com | ||
23 | |||
24 | License: Apache Software License v2.0. (see the LICENSE file for details) | ||
25 | |||
26 | Current Status: | ||
27 | - SSL and TLS connections with all popular browsers work! | ||
28 | - Sets some enviromental vars for scripts | ||
29 | - Supports Memcached as a distributed SSL Session Cache | ||
30 | - Supports DBM as a local SSL Session Cache | ||
31 | |||
32 | Future Development: | ||
33 | - Support for Server Name Indication (partial support is in, but disabled) | ||
34 | - Support for Client Certificates | ||
35 | |||
36 | Basic Configuration: | ||
37 | |||
38 | LoadModule gnutls_module modules/mod_gnutls.so | ||
39 | |||
40 | # mod_gnutls can optionaly use a memcached server to store it's SSL Sessions. | ||
41 | # This is useful in a cluster enviroment, where you want all of your servers | ||
42 | # to share a single SSL Session Cache. | ||
43 | #GnuTLSCache memcache "127.0.0.1 server2.example.com server3.example.com" | ||
44 | |||
45 | # The Default method is to use a DBM backed Cache. It isn't super fast, but | ||
46 | # it is portable and does not require another server to be running like memcached. | ||
47 | GnuTLSCache dbm conf/gnutls_cache | ||
48 | |||
49 | <VirtualHost 1.2.3.4:443> | ||
50 | # insert other directives ... here ... | ||
51 | |||
52 | # This enables the mod_gnutls Handlers for this Virtual Host | ||
53 | GnuTLSEnable On | ||
54 | |||
55 | # This is the Private key for your server. | ||
56 | GnuTLSKeyFile conf/server.key | ||
57 | |||
58 | # This is the Server Certificate. | ||
59 | GnuTLSCertificateFile conf/server.cert | ||
60 | </VirtualHost> | ||