This commit adds the directive handling only; the mechanics patch will
follow. PassPhraseDialog "|/path/to/pipe" will use the bidirectional
pipe to have a 'conversation', along the lines of the tty dialog with
PassPhraseDialog 'builtin'. This is entirely different from the 'exec'
method, which simply runs once for each passphrase, doesn't allow
for failure/retries, and certainly doesn't offer any sensible 'dialog'.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93606
13f79535-47bb-0310-9956-
ffa450edef68
"(`none', `file:/path/to/file')")
SSL_CMD_SRV(PassPhraseDialog, TAKE1,
"SSL dialog mechanism for the pass phrase query "
- "(`builtin', `exec:/path/to/program')")
+ "(`builtin', `|/path/to/pipe_program`, or `exec:/path/to/cgi_program')")
SSL_CMD_SRV(SessionCache, TAKE1,
"SSL Session Cache storage "
"(`none', `dbm:/path/to/file')")
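Review bot: The new help string for PassPhraseDialog closes the pipe example with a backtick where every other entry in this table closes with `'`. This text is what an administrator sees when the directive is rejected, so the pipe entry should end in `'` like the `builtin` and `exec:` entries beside it. The `exec:` example is also renamed to `cgi_program`; if the exec helper is not actually run as a CGI, the old wording `program` is less likely to mislead.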
typedef enum {
SSL_PPTYPE_UNSET = UNSET,
SSL_PPTYPE_BUILTIN = 0,
- SSL_PPTYPE_FILTER = 1
+ SSL_PPTYPE_FILTER = 1,
+ SSL_PPTYPE_PIPE = 2
} ssl_pphrase_t;
/*
/* Pass Phrase Support */
void ssl_pphrase_Handle(server_rec *, apr_pool_t *);
-int ssl_pphrase_Handle_CB(char *, int, int, void *);
/* Diffie-Hellman Parameter Support */
DH *ssl_dh_GetTmpParam(int);
SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
const char *err;
- if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL)
+ if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL) {
return err;
+ }
if (strcEQ(arg, "builtin")) {
sc->nPassPhraseDialogType = SSL_PPTYPE_BUILTIN;
sc->szPassPhraseDialogPath = NULL;
return ((const char *)apr_pstrcat(cmd->pool, "SSLPassPhraseDialog: file '",
sc->szPassPhraseDialogPath, "' does not exist",NULL));
}
+ else if (strlen(arg) > 1 && (arg[0] == '|')) {
+ sc->nPassPhraseDialogType = SSL_PPTYPE_PIPE;
+ sc->szPassPhraseDialogPath = arg + 1;
+ }
else
return "SSLPassPhraseDialog: Invalid argument";
return NULL;
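Review bot: The new `|` branch stores `arg + 1` as the dialog path with no validation. The branch just above it rejects a missing file at configuration time with the "does not exist" error. This program will be started by the server to hand over the private-key pass phrase, so a typo or a relative path would presumably surface only when the dialog runs, and the description says that code is not in this commit. Either apply the same existence check to the program path here, or state the reason for skipping it in a comment, for example `/* not checked here: the pipe command may carry arguments */`. The enclosing handler starts and ends outside this hunk, so the check used by the earlier branch is not visible here.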