]>
granicus.if.org Git - apache/log
Brian Havard [Mon, 1 Apr 2002 16:42:02 +0000 (16:42 +0000)]
Destroy the connection pool (and therefore run the cleanups) before destroying
the bucket_alloc as the cleanups refer to buckets allocated by the
bucket_alloc.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94360
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Mon, 1 Apr 2002 16:09:46 +0000 (16:09 +0000)]
If this is a subrequest, register the cleanup against
the main request. This will prevent the cache object
from being cleaned up from under the request after the
subrequest is destroyed.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94359
13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Mon, 1 Apr 2002 12:53:09 +0000 (12:53 +0000)]
Don't allow initialization to succeed if we can't get a socket
corresponding to one of the Listen statements.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94358
13f79535 -47bb-0310-9956-
ffa450edef68
Ryan Bloom [Mon, 1 Apr 2002 08:27:42 +0000 (08:27 +0000)]
Migrate perchild to the new lock API, and clean up some of the logic
surrounding the FD passing. This doesn't work yet, but it is getting
closer. Currently, the problem is that we don't correctly read the data
from the socket so that it can be passed to the correct child.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94357
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Mon, 1 Apr 2002 05:43:47 +0000 (05:43 +0000)]
Match the new APR_BUCKET_BUFF_SIZE. We want this to be slightly less than
8KB to leave room for the various allocators' internal structures while
still fitting into a total of 8KB.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94356
13f79535 -47bb-0310-9956-
ffa450edef68
Dirk-Willem van Gulik [Mon, 1 Apr 2002 04:32:40 +0000 (04:32 +0000)]
Made AB's use of the Host: header rfc2616 compliant as
reported by Taisuke Yamada <tai@iij.ad.jp>
PR:
Obtained from: Mailing list
Submitted by: Taisuke Yamada <tai@iij.ad.jp>
Reviewed by: Dirk-Willem van Gulik
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94355
13f79535 -47bb-0310-9956-
ffa450edef68
Ryan Bloom [Mon, 1 Apr 2002 03:41:31 +0000 (03:41 +0000)]
A bunch of Perchild changes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94353
13f79535 -47bb-0310-9956-
ffa450edef68
Ryan Bloom [Mon, 1 Apr 2002 03:37:21 +0000 (03:37 +0000)]
Make perchild work with the new bucket_allocation API. Also, allow
the Perchild directives to take both numerical UID/GID and the
logical user name/group name.
PR: 9784
Submitted by: named UID/GID logic: Scott Lamb <slamb@slamb.org>
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94352
13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Mon, 1 Apr 2002 02:41:08 +0000 (02:41 +0000)]
pointer subtraction yeilds a ssize_t, fix emit by notating the
expression in terms of addition
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94351
13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Mon, 1 Apr 2002 02:39:31 +0000 (02:39 +0000)]
Fix another linkage error for 2.0.34 and cvs head
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94350
13f79535 -47bb-0310-9956-
ffa450edef68
Ryan Bloom [Mon, 1 Apr 2002 00:32:39 +0000 (00:32 +0000)]
Get the Perchild MPM to compile and serve pages again. There are a lot
of bugs left in this, but I am taking things one step at a time. This
will work again. This also gets perchild using the correct variable for
MaxRequestsPerChild
PR: 9856, 9855, 9052
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94349
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sun, 31 Mar 2002 17:32:23 +0000 (17:32 +0000)]
it is sunny and warm in tahoe, still plenty of snow on the mountains
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94348
13f79535 -47bb-0310-9956-
ffa450edef68
William A. Rowe Jr [Sun, 31 Mar 2002 12:42:51 +0000 (12:42 +0000)]
Roll these changes into 2.0.34
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94347
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Havard [Sun, 31 Mar 2002 07:48:56 +0000 (07:48 +0000)]
Handle CR/LF terminated lines from CGI scripts.
Reviewed by: Brian Pane
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94346
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Sat, 30 Mar 2002 23:55:16 +0000 (23:55 +0000)]
Removed the single-byte header reads from mod_cgid
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94344
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Sat, 30 Mar 2002 23:11:55 +0000 (23:11 +0000)]
Fixed script error logging, which I'd left commented out after making
the changes to use a brigade to read the script headers
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94343
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Sat, 30 Mar 2002 22:48:39 +0000 (22:48 +0000)]
Fix for a bug that I introduced when eliminating the single-byte
reads in mod_cgi: eof wasn't treated as an error condition when
reading the script headers, so we were delivering a 200 when a
CGI script produced no output.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94342
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 08:11:44 +0000 (08:11 +0000)]
add/use EVP_PKEY_reference_inc and X509_reference_inc compat macros
to get these changes working with sslc
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94341
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 07:42:30 +0000 (07:42 +0000)]
add sslc compat for sk_X509_INFO_free
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94340
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:46:24 +0000 (06:46 +0000)]
add SSLProxyCARevocation{File,Path} directives to support CRLs in the proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94338
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:38:10 +0000 (06:38 +0000)]
pass sc to myCtxConfig macro
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94337
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:36:56 +0000 (06:36 +0000)]
make it possible for proxy to use CRL callback
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94336
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:20:16 +0000 (06:20 +0000)]
enable the verify callback for proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94334
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:19:14 +0000 (06:19 +0000)]
ap_proxy_http_request needs to check the return status of ap_pass_brigade
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94333
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 06:03:08 +0000 (06:03 +0000)]
change sc->server references to myCtxConfig, so proxy can use the
verify callback.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94332
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 05:57:59 +0000 (05:57 +0000)]
add myCtxConfig macro
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94331
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 05:40:02 +0000 (05:40 +0000)]
implement proxy client certificate callback
(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94329
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 05:16:55 +0000 (05:16 +0000)]
input filter should not return failure when ssl runtime wants to read more
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94328
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 04:52:48 +0000 (04:52 +0000)]
ssl_io_input_read needs to return something other than APR_SUCCESS
when bucket read from socket was successful,
but there was an error within the ssl runtime.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94327
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 01:50:10 +0000 (01:50 +0000)]
load SSLProxyMachineCertificate{File,Path}
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94324
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 01:41:35 +0000 (01:41 +0000)]
enable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94323
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Sat, 30 Mar 2002 00:00:21 +0000 (00:00 +0000)]
Fix the version string. We want to end up with "mod_ssl/2.0.xx", not
"mod_ssl/Apache/2.0.xx".
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94320
13f79535 -47bb-0310-9956-
ffa450edef68
Joshua Slive [Fri, 29 Mar 2002 19:22:47 +0000 (19:22 +0000)]
Cloudy today.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94317
13f79535 -47bb-0310-9956-
ffa450edef68
Dirk-Willem van Gulik [Fri, 29 Mar 2002 19:20:40 +0000 (19:20 +0000)]
Removed email address on request - as obviscation was slammed down on the list - and Google is your friend in any case
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94315
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 17:56:33 +0000 (17:56 +0000)]
add SSLProxyEngine directive. this was not required in the 1.x based
mod_ssl because the SSL_CTX was created and configured for *every*
request. unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance. but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94314
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 17:48:28 +0000 (17:48 +0000)]
check the return value of ap_proxy_ssl_enable
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94313
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Fri, 29 Mar 2002 16:21:48 +0000 (16:21 +0000)]
Syncing makes no sense now
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94309
13f79535 -47bb-0310-9956-
ffa450edef68
Paul J. Reder [Fri, 29 Mar 2002 16:15:33 +0000 (16:15 +0000)]
PR:
Obtained from:
Submitted by: Paul J. Reder
Reviewed by:
Remove the MPM_SYNC_CHILD_TABLE macro since there is no longer a scoreboard
file that needs to be synched.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94308
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Fri, 29 Mar 2002 14:33:50 +0000 (14:33 +0000)]
The old, legacy (and unused) code in which the scoreboard was totally
and completely contained in a file (SCOREBOARD_FILE) has been
removed. This does not affect scoreboards which are *mapped* to
files using named-shared-memory at all. This implies that scoreboards
must be based, at some level, on native shared memory (mmap, shm_open,
shmget, whatever), but the code has assumed that for quite awhile
now. Having the scoreboard be *based* on a file makes no sense today.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94306
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Fri, 29 Mar 2002 08:17:26 +0000 (08:17 +0000)]
BUCKET FREELISTS
Add an allocator-passing mechanism throughout the bucket brigades API.
From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook. That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94304
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 08:04:04 +0000 (08:04 +0000)]
import ssl_proxy_enable in the post config phase, otherwise LoadModule
order may leave us without the function.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94303
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:37:28 +0000 (07:37 +0000)]
remove ssl_engine_ext.c
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94302
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:36:01 +0000 (07:36 +0000)]
removing old proxy extension code
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94301
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:29:11 +0000 (07:29 +0000)]
hook into mod_ssl for https support
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94300
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:23:09 +0000 (07:23 +0000)]
need to flush output buffer before reading in proxy mode
need to call ssl_hook_process_connection in the output filter in proxy
mode, since proxy hits the output filter before the input filter
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94299
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:22:43 +0000 (07:22 +0000)]
in proxy mode we need to SSL_connect rather than SSL_accept in
ssl_hook_process_connection.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94298
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Fri, 29 Mar 2002 07:12:01 +0000 (07:12 +0000)]
These two variables were left uninitialized accidentally.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94297
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 06:26:03 +0000 (06:26 +0000)]
Document the variable expansion enhancements for mod_include
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94295
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 05:58:39 +0000 (05:58 +0000)]
Allow variable expansion within in the "var" arg to <!--#echo
and <!--#set, so that people can do things like this:
<!--#echo var="${foo}_${bar}" -->
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94294
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 04:50:37 +0000 (04:50 +0000)]
add optional function (ssl_proxy_enable) to turn on ssl proxy
choose SSL_CTX based on SSLConnRec.is_proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94293
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 04:48:01 +0000 (04:48 +0000)]
init proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94292
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 04:47:10 +0000 (04:47 +0000)]
Replaced my fix for the is_only_below() bug with Cliff's faster
and simpler version.
Submitted by: Cliff Woolley
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94291
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 03:19:12 +0000 (03:19 +0000)]
s/id/mode/ in ssl_cmd_SSLProxyVerify
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94290
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 03:05:49 +0000 (03:05 +0000)]
use ssl_cmd_verify_parse for SSLProxyVerify directive handler
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94289
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:59:27 +0000 (02:59 +0000)]
cleanup the proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94288
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:48:20 +0000 (02:48 +0000)]
s/ctx/dcfg/g in ssl directive handlers
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94287
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:43:33 +0000 (02:43 +0000)]
enable proxy directives
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94286
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:20:58 +0000 (02:20 +0000)]
change existing ssl_init_ctx() to ssl_init_ctx_protocol()
new ssl_init_ctx() inits the lot: protocol, session_cache, callbacks,
verify, cipher suite, crl, cert_chain
new ssl_init_server_ctx function inits everything for sc->server
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94285
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 02:14:45 +0000 (02:14 +0000)]
Fixes for three problems in mod_include:
* The ctx->tag_length computation in find_end_sequence() was a bit
broken in cases where there was a "false alarm" match on a partial
"-->"
* The ap_ssi_get_tag_and_value() function needs to avoid walking off
the end of the string. After debugging this some more, I ended up
using Cliff's original patch.
* Infinite loop in is_only_below()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94284
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:09:59 +0000 (02:09 +0000)]
proxy will have a different verify callback
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94283
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:06:57 +0000 (02:06 +0000)]
proxy needs to use client ssl method
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94282
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:01:49 +0000 (02:01 +0000)]
setup sc->proxy->sc
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94281
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:00:20 +0000 (02:00 +0000)]
add ssl_config_server_new function to fold some duplication in server
create/merge and to make sure merge config is fully inititialized
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94280
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:56:40 +0000 (01:56 +0000)]
inititialize and merge proxy config
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94279
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:42:04 +0000 (01:42 +0000)]
no point in merging things which are not set until after merge happens.
make a note of those which are set during module init.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94278
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:24:10 +0000 (01:24 +0000)]
'ctx' traditionally refers to an SSL_CTX. change modssl_ctx_t
instances to 'mctx'
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94277
13f79535 -47bb-0310-9956-
ffa450edef68
Bradley Nicholes [Fri, 29 Mar 2002 00:39:56 +0000 (00:39 +0000)]
Stop the while loop from incrementing twice per iteration before checking for
the NULL terminator. This was causing the while loop to walk off the end of any
string with an odd number of characters.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94276
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:50:48 +0000 (19:50 +0000)]
ctx->sc is set during init
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94275
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:48:31 +0000 (19:48 +0000)]
switch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
functions
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94274
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:15:03 +0000 (19:15 +0000)]
make merging of modssl_ctx_t's generic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94273
13f79535 -47bb-0310-9956-
ffa450edef68
Joshua Slive [Thu, 28 Mar 2002 19:04:48 +0000 (19:04 +0000)]
Update Redhat layout to v7.
PR: BZ-7422
Submitted by: Joe Orton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94272
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:58:06 +0000 (18:58 +0000)]
moving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94271
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:54:52 +0000 (18:54 +0000)]
remove unused cfgMerge{Table,Ctx} macros
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94269
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:53:54 +0000 (18:53 +0000)]
moving protocol location
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94268
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:50:07 +0000 (18:50 +0000)]
breakup SSLSrvConfigRec in preparation for proxy support:
+ modssl_pk_server_t - certs/keys for the server
+ modssl_pk_proxy_t - certs/keys for the proxy
+ modssl_auth_ctx_t - stuff related to authentication that can also
be per-dir, used by both server and proxy
+ modssl_ctx_t - context that can be used by both server and proxy
+ SSLSrvConfigRec - now contains original stuff specific to the
server config and modssl_ctx_t *server, *proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94267
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:23:50 +0000 (17:23 +0000)]
ripping out some proxy stuff that isn't currently in use and is going
to change anyhow.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94266
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:16:41 +0000 (17:16 +0000)]
already added configure check for SSL_set_cert_store
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94265
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:11:12 +0000 (17:11 +0000)]
de-hungarian-ize server config member names which are going to stay
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94264
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 16:47:36 +0000 (16:47 +0000)]
reorder a bit of the server config structure, moving items that are
going to stay there to the top.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94263
13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Thu, 28 Mar 2002 11:17:59 +0000 (11:17 +0000)]
signature of quick_handler hook changed
(mod_example's quick_handler hook doesn't have to do anything
with the new parameter)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94262
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:51:52 +0000 (02:51 +0000)]
remove error msg hint that is no longer true
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94261
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:46:28 +0000 (02:46 +0000)]
fixup naming:
ssl_init_ctx_* will be used for both proxy and server
ssl_init_server_* is specific to the server
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94260
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:40:01 +0000 (02:40 +0000)]
move context callback setting to ssl_init_ctx_callbacks function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94259
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:36:05 +0000 (02:36 +0000)]
move server cert/key initialization to ssl_init_server_certs function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94258
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:28:06 +0000 (02:28 +0000)]
copy DSA params to server server during key import
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94257
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:09:58 +0000 (02:09 +0000)]
fix logic from last commit, need to always try importing _both_ rsa
and dsa
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94256
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:01:03 +0000 (02:01 +0000)]
fold some duplication into generic ssl_server_import_key function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94255
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Thu, 28 Mar 2002 01:57:03 +0000 (01:57 +0000)]
Revert my last fix, which broke more things than it fixed
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94254
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:47:50 +0000 (01:47 +0000)]
fold some duplication into generic ssl_server_import_cert function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94253
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:32:41 +0000 (01:32 +0000)]
move server cert checking into generic ssl_check_public_cert function.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94252
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Thu, 28 Mar 2002 01:19:58 +0000 (01:19 +0000)]
Don't walk past the end of the tag in ap_ssi_get_tag_and_value()
Discovered by: Cliff Woolley
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94251
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:14:53 +0000 (01:14 +0000)]
move server specific init config checks into ssl_init_check_server
function (ssl_init_check_proxy will be different)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94250
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:07:20 +0000 (01:07 +0000)]
break out certificate chain initialization into
ssl_init_cert_chain function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94249
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Thu, 28 Mar 2002 01:05:24 +0000 (01:05 +0000)]
ap_run_sub_req does not return apr_status, so we shouldn't be checking
APR_STATUS_IS_EPIPE(). Also, remove the code that assumed the sub_req_lookup_uri
actually served up the content in the quick handler. We now call the quick_handler
in ap_run_sub_req()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94248
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 00:34:13 +0000 (00:34 +0000)]
there is a heaping pile of:
ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID)
add SSL_INIT flag to cut down some noise and end up with:
ssl_log(s, flags, "...")
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94247
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:53:27 +0000 (23:53 +0000)]
break out certificate revocation list initialization into
ssl_init_crl function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:49:09 +0000 (23:49 +0000)]
break out cipher suite initialization into ssl_init_cipher_suite function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94245
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:35:31 +0000 (23:35 +0000)]
"new" is a c++ keyword; s/new/mrg/g in config merge functions
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94244
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:25:58 +0000 (23:25 +0000)]
move warning about session cache not being configured to ssl_scache_init
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94243
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:19:08 +0000 (23:19 +0000)]
break out SSL_CTX session initialization into
ssl_init_session_cache_ctx function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94242
13f79535 -47bb-0310-9956-
ffa450edef68