SSL-data access from verious handlers. was: Re:[mod_python] problem w/ authen handler

Graham Dumpleton grahamd at
Mon May 23 18:43:03 EDT 2005

Bud P. Bruegger wrote ..
> Hi Graham,
> thanks for the great material on the topic!  More below..
> At 22.05 23/05/2005 +1000, Graham Dumpleton wrote:
> >Overall, what would be most useful I guess is if mod_python provided a
> way 
> >of saying
> >whether a handler should be executed as first, middle or last. If this
> >ability existed
> >you could specify your handler to be run within the last group of the
> >fixuphandlers,
> >thus ensuring that it is run after the SSL middle fixuphandler where 
> >common vars would
> >be primed.
> This idea is intriguing.  How difficult would this be to implement?  I
> suppose this may be interesting not only for fixup handlers?

There are a few parts, first is to come up with syntax for Apache
configuration of how to indicate first, middle or last and write code to
parse that. Default would still be middle if not specified. Interesting
to see if mod_perl has a way of doing something similar and how they
may represent it in Apache configuration.

Next is the code related to lists of handlers for each phase has to be
duplicated so there is a set for first and last as well as current middle.

Then distinct hook functions registered for first and last for each phase,
which then trigger handlers as appropriate.

> While the module execution order sounds like a nice solution, I'm still
> wondering about the alternative approach of accessing mod-SSL's data. 
> Is 
> there a possibility to access different tables from mod-python than just
> req.notes and req.connection.notes?  Or are these data strictly private
> to 
> the module that sets them?

You probably wouldn't access its data structures directly. Instead it seems
to register a couple of special functions as follows:

void ssl_var_register(void)

This registration apparently allows a different module to look the functions
up by name and if present then call them. If mod_python provided some
means of looking up these special registered functions and then safely
calling them, you could use "ssl_var_lookup()" to get access to the data
you need.

The beauty of "ssl_var_lookup()" is that it should be able to be used in
whatever phase you want and not be dependent on waiting to common
vars to be populated in SSL fixup handler.

There is a bit of documentation about these registered functions macros

The macros supposedly try and make it type safe, so haven't quite worked
out how you are meant to use them yet. In part it looks like compile time
binding is required, which would be an issue with Python. What you might
be able to do though is write a little C based Python module which did
the lookup and calling of "ssl_var_lookup()" for you by going direct to the
Apache runtime library calls. May work. :-)


More information about the Mod_python mailing list