client certificates

[Aleksandar Lazic]

On Don 28.12.2006 14:36, Igor Sysoev wrote:
>On Thu, 28 Dec 2006, Aleksandar Lazic wrote:
[snipp]
>>Is it possible to get the
>>
>>http://wiki.codemongers.com/NginxHttpSslModule
>>=> variables at the bottom of the site into perl?
>
>Yes, since 0.4.12 you can use
>
>     $my $ssl_client_s_dn = $r->variable("ssl_client_s_dn");

Thanks.

>>Is this assumption right?
>
>Yes, you are right and this is documented in
>http://wiki.codemongers.com/NginxEmbeddedPerlModule
>
>---
>2. If a Perl module performs protracted operation, (for example DNS
>    lookups, database queries, etc), then the process that is running
>    the Perl script is completely tied up for the duration of script.
>    Therefore embedded Perl scripts should be extremely careful to limit
>    themselves to short, predictable operations.
>---

Yep but we have talked about a non-blocking version, as you say below,
in the past therefore I have think I have overread something.

>Since 0.5.3 the ngx_http_perl_module supports
>
>    $r->sleep(milliseconds, \&continuation_handler);
>
>to delay a perl processing and return a control to the nginx:

[snipp nice example]
Thanks ;-)

>I have plan to add such non-blocking continuation perl interfaces to
>DNS and MySQL. The some part of MySQL code was even written in May 2006
>but now it is frozen.

I remember we have talked about this.

>However, the main problem with "perl_set $pass MyAuthCheck;" is that
>currently nginx variables does not support non-blocking interface.  I
>have plan to add it too.

Nice to hear it ;-)

Regards

Aleks