From: Stefan Sperling Date: Tue, 5 May 2015 14:09:35 +0000 (+0000) Subject: mod_ssl namespacing: Merge SSL_X509_INFO_load_path() into its only caller X-Git-Tag: 2.5.0-alpha~3174 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2548969450ce9649cbc04136897cb63e39e23437;p=apache mod_ssl namespacing: Merge SSL_X509_INFO_load_path() into its only caller ssl_init_proxy_certs() in ssl_engine_init.c. No functional change. Review by: kbrand git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1677830 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c index e7b45c2b58..ab3d83653f 100644 --- a/modules/ssl/ssl_engine_init.c +++ b/modules/ssl/ssl_engine_init.c @@ -1247,7 +1247,26 @@ static apr_status_t ssl_init_proxy_certs(server_rec *s, } if (pkp->cert_path) { - SSL_X509_INFO_load_path(ptemp, sk, pkp->cert_path); + apr_dir_t *dir; + apr_finfo_t dirent; + apr_int32_t finfo_flags = APR_FINFO_TYPE|APR_FINFO_NAME; + + if (apr_dir_open(&dir, pkp->cert_path, ptemp) == APR_SUCCESS) { + while ((apr_dir_read(&dirent, finfo_flags, dir)) == APR_SUCCESS) { + const char *fullname; + + if (dirent.filetype == APR_DIR) { + continue; /* don't try to load directories */ + } + + fullname = apr_pstrcat(ptemp, + pkp->cert_path, "/", dirent.name, + NULL); + modssl_X509_INFO_load_file(ptemp, sk, fullname); + } + + apr_dir_close(dir); + } } if ((ncerts = sk_X509_INFO_num(sk)) <= 0) { diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c index b6b9d7f9a3..658533d424 100644 --- a/modules/ssl/ssl_util_ssl.c +++ b/modules/ssl/ssl_util_ssl.c @@ -441,43 +441,6 @@ BOOL modssl_X509_INFO_load_file(apr_pool_t *ptemp, return TRUE; } -BOOL SSL_X509_INFO_load_path(apr_pool_t *ptemp, - STACK_OF(X509_INFO) *sk, - const char *pathname) -{ - /* XXX: this dir read code is exactly the same as that in - * ssl_engine_init.c, only the call to handle the fullname is different, - * should fold the duplication. - */ - apr_dir_t *dir; - apr_finfo_t dirent; - apr_int32_t finfo_flags = APR_FINFO_TYPE|APR_FINFO_NAME; - const char *fullname; - BOOL ok = FALSE; - - if (apr_dir_open(&dir, pathname, ptemp) != APR_SUCCESS) { - return FALSE; - } - - while ((apr_dir_read(&dirent, finfo_flags, dir)) == APR_SUCCESS) { - if (dirent.filetype == APR_DIR) { - continue; /* don't try to load directories */ - } - - fullname = apr_pstrcat(ptemp, - pathname, "/", dirent.name, - NULL); - - if (modssl_X509_INFO_load_file(ptemp, sk, fullname)) { - ok = TRUE; - } - } - - apr_dir_close(dir); - - return ok; -} - /* _________________________________________________________________ ** ** Custom (EC)DH parameter support diff --git a/modules/ssl/ssl_util_ssl.h b/modules/ssl/ssl_util_ssl.h index fba516a75a..e1fb27a969 100644 --- a/modules/ssl/ssl_util_ssl.h +++ b/modules/ssl/ssl_util_ssl.h @@ -68,7 +68,6 @@ char *modssl_X509_NAME_to_string(apr_pool_t *, X509_NAME *, int); BOOL modssl_X509_getSAN(apr_pool_t *, X509 *, int, int, apr_array_header_t **); BOOL modssl_X509_match_name(apr_pool_t *, X509 *, const char *, BOOL, server_rec *); BOOL modssl_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); -BOOL SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); int SSL_CTX_use_certificate_chain(SSL_CTX *, char *, int, pem_password_cb *); char *SSL_SESSION_id2sz(unsigned char *, int, char *, int);