�
Table of Contents
�
The aim was to have a replacement for the Netscape commerce server that with the simple addition of a key would be able to server Netscape clients. The patches to NCSA Mosaic were done such that it can talk to this server.
Still to do is the work for a SSL pipe to CGI interface ... at the moment we have not done that block of work (other time pressures) which simply involves an extra process acting as a filter for the SSL encoded I/O.
Note: cgi's are mostly working now ... still have to track down a bug in handling submission of forms, but activation of cgi scripts seems okay.
The httpd stuff was a little messy as the I/O is done in multiple different locations and involved lots of printf's so I cut a printf wrapper (which is in ssl/ssl_trc.c to make life a little easy and the code more maintainable. This wrapper really should be put into httpd and the I/O restructured to go though a single point however that will take more time than is available at the moment.
�
Usual changes for SSL
�
Command line option addition -z ssl
-z ssl
-z debug
-z verify=INT
-z cert=filename
-z key=filename
-z standalone # run standalone for a single request
# which is very useful for debugging
Note: this means that to run http in a mode that will offer https services you must start httpd with the -z ssl option.
�
Added DEFAULT_SSL_POR of 443 and defined the global state variables. Also the macro FPRINTF for the SSL version of fprintf was added to make "porting" easier.
�
Set the port to DEFAULT_SSL_PORT rather than DEFAULT_PORT if we are running as a SSL HTTPS server.
�
Catch heaps of fprintf's
�
Catch some fprintf's
�
Initial SSL connection negotiation added here ... also had to trap the write sequence in send_fd().
�
Changed getline() to support SSL