mod_gnutls: Requiring encryption

I recently switched over from using mod_ssl to mod_gnutls for providing encryption and verification on some of my web servers. mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0, TLS 1.1 and 1.2 encryption for Apache HTTPD, and it is similar to mod_ssl in purpose - but does not use OpenSSL. Since some of the servers only have 1 public IP; in order to provide encryption on multiple websites I prefer to use TLS, although, in all fairness, SSL with SNI is an alternative. I do, however feel the TLS protocol is a cleaner one, so I'll support that.

As a result of the switch is now also encryption-enabled, using a self-signed certificate that can be verified through the Web of Trust of OpenPGP using Monkeysphere.

One thing I am missing in mod_gnutls is however a way to require certain file paths to be encrypted. Ok, this can be done using configuration directives in the VirtualHost settings for the non-TLS enabled host, but I find it much cleaner to be able to append this on a per-directory basis (.htaccess). As such, I've written a small patch that add the "GnuTLSRequireSSL" directive to mod_gnutls. This take one argument that can have the values "On" or "Off". Download the patch here