granicus.if.org Git - apache/commit

author	Ruediger Pluem <rpluem@apache.org>
	Wed, 1 Apr 2009 12:07:47 +0000 (12:07 +0000)
committer	Ruediger Pluem <rpluem@apache.org>
	Wed, 1 Apr 2009 12:07:47 +0000 (12:07 +0000)
commit	e468a9fae6b8607ab8c770e33816c7430562c01b
tree	63619010ac076f3e0c1498ae4101d19a6f701a2a	tree \| snapshot
parent	23ac01a833c74e3ca1f92f66f295a993ad224d35	commit \| diff

* Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives to enable
  stricter checking of remote server certificates.

  (docs/manual/mod/mod_ssl.xml)
    Documentation of SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN.

  (modules/proxy/mod_proxy_http.c)
    Set the hostname of the request URL as note on the connection.

  (modules/ssl/ssl_private.h)
    Add proxy_ssl_check_peer_expire and proxy_ssl_check_peer_cn fields to
    the SSLSrvConfigRec.

  (modules/ssl/ssl_engine_config.c)
    Directives stuff for SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN.

  (modules/ssl/ssl_engine_io.c)
    Check whether the remote servers certificate is expired / if there is a
    mismatch between the requested hostanme and the remote server certificates
    CN field.
    Be able to parse ASN1 times.

  (modules/ssl/mod_ssl.c)
    Directives stuff for SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@760866 13f79535-47bb-0310-9956-ffa450edef68

CHANGES		diff \| blob \| history
docs/manual/mod/mod_ssl.xml		diff \| blob \| history
modules/proxy/mod_proxy_http.c		diff \| blob \| history
modules/ssl/mod_ssl.c		diff \| blob \| history
modules/ssl/ssl_engine_config.c		diff \| blob \| history
modules/ssl/ssl_engine_io.c		diff \| blob \| history
modules/ssl/ssl_private.h		diff \| blob \| history