]>
granicus.if.org Git - apache/log
Doug MacEachern [Sat, 30 Mar 2002 05:57:59 +0000 (05:57 +0000)]
add myCtxConfig macro
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94331
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 05:40:02 +0000 (05:40 +0000)]
implement proxy client certificate callback
(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94329
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 05:16:55 +0000 (05:16 +0000)]
input filter should not return failure when ssl runtime wants to read more
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94328
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 04:52:48 +0000 (04:52 +0000)]
ssl_io_input_read needs to return something other than APR_SUCCESS
when bucket read from socket was successful,
but there was an error within the ssl runtime.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94327
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 01:50:10 +0000 (01:50 +0000)]
load SSLProxyMachineCertificate{File,Path}
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94324
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Sat, 30 Mar 2002 01:41:35 +0000 (01:41 +0000)]
enable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94323
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Sat, 30 Mar 2002 00:00:21 +0000 (00:00 +0000)]
Fix the version string. We want to end up with "mod_ssl/2.0.xx", not
"mod_ssl/Apache/2.0.xx".
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94320
13f79535 -47bb-0310-9956-
ffa450edef68
Joshua Slive [Fri, 29 Mar 2002 19:22:47 +0000 (19:22 +0000)]
Cloudy today.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94317
13f79535 -47bb-0310-9956-
ffa450edef68
Dirk-Willem van Gulik [Fri, 29 Mar 2002 19:20:40 +0000 (19:20 +0000)]
Removed email address on request - as obviscation was slammed down on the list - and Google is your friend in any case
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94315
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 17:56:33 +0000 (17:56 +0000)]
add SSLProxyEngine directive. this was not required in the 1.x based
mod_ssl because the SSL_CTX was created and configured for *every*
request. unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance. but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94314
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 17:48:28 +0000 (17:48 +0000)]
check the return value of ap_proxy_ssl_enable
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94313
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Fri, 29 Mar 2002 16:21:48 +0000 (16:21 +0000)]
Syncing makes no sense now
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94309
13f79535 -47bb-0310-9956-
ffa450edef68
Paul J. Reder [Fri, 29 Mar 2002 16:15:33 +0000 (16:15 +0000)]
PR:
Obtained from:
Submitted by: Paul J. Reder
Reviewed by:
Remove the MPM_SYNC_CHILD_TABLE macro since there is no longer a scoreboard
file that needs to be synched.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94308
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Fri, 29 Mar 2002 14:33:50 +0000 (14:33 +0000)]
The old, legacy (and unused) code in which the scoreboard was totally
and completely contained in a file (SCOREBOARD_FILE) has been
removed. This does not affect scoreboards which are *mapped* to
files using named-shared-memory at all. This implies that scoreboards
must be based, at some level, on native shared memory (mmap, shm_open,
shmget, whatever), but the code has assumed that for quite awhile
now. Having the scoreboard be *based* on a file makes no sense today.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94306
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Fri, 29 Mar 2002 08:17:26 +0000 (08:17 +0000)]
BUCKET FREELISTS
Add an allocator-passing mechanism throughout the bucket brigades API.
From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook. That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94304
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 08:04:04 +0000 (08:04 +0000)]
import ssl_proxy_enable in the post config phase, otherwise LoadModule
order may leave us without the function.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94303
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:37:28 +0000 (07:37 +0000)]
remove ssl_engine_ext.c
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94302
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:36:01 +0000 (07:36 +0000)]
removing old proxy extension code
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94301
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:29:11 +0000 (07:29 +0000)]
hook into mod_ssl for https support
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94300
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:23:09 +0000 (07:23 +0000)]
need to flush output buffer before reading in proxy mode
need to call ssl_hook_process_connection in the output filter in proxy
mode, since proxy hits the output filter before the input filter
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94299
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 07:22:43 +0000 (07:22 +0000)]
in proxy mode we need to SSL_connect rather than SSL_accept in
ssl_hook_process_connection.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94298
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Fri, 29 Mar 2002 07:12:01 +0000 (07:12 +0000)]
These two variables were left uninitialized accidentally.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94297
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 06:26:03 +0000 (06:26 +0000)]
Document the variable expansion enhancements for mod_include
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94295
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 05:58:39 +0000 (05:58 +0000)]
Allow variable expansion within in the "var" arg to <!--#echo
and <!--#set, so that people can do things like this:
<!--#echo var="${foo}_${bar}" -->
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94294
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 04:50:37 +0000 (04:50 +0000)]
add optional function (ssl_proxy_enable) to turn on ssl proxy
choose SSL_CTX based on SSLConnRec.is_proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94293
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 04:48:01 +0000 (04:48 +0000)]
init proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94292
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 04:47:10 +0000 (04:47 +0000)]
Replaced my fix for the is_only_below() bug with Cliff's faster
and simpler version.
Submitted by: Cliff Woolley
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94291
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 03:19:12 +0000 (03:19 +0000)]
s/id/mode/ in ssl_cmd_SSLProxyVerify
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94290
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 03:05:49 +0000 (03:05 +0000)]
use ssl_cmd_verify_parse for SSLProxyVerify directive handler
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94289
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:59:27 +0000 (02:59 +0000)]
cleanup the proxy context
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94288
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:48:20 +0000 (02:48 +0000)]
s/ctx/dcfg/g in ssl directive handlers
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94287
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:43:33 +0000 (02:43 +0000)]
enable proxy directives
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94286
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:20:58 +0000 (02:20 +0000)]
change existing ssl_init_ctx() to ssl_init_ctx_protocol()
new ssl_init_ctx() inits the lot: protocol, session_cache, callbacks,
verify, cipher suite, crl, cert_chain
new ssl_init_server_ctx function inits everything for sc->server
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94285
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Fri, 29 Mar 2002 02:14:45 +0000 (02:14 +0000)]
Fixes for three problems in mod_include:
* The ctx->tag_length computation in find_end_sequence() was a bit
broken in cases where there was a "false alarm" match on a partial
"-->"
* The ap_ssi_get_tag_and_value() function needs to avoid walking off
the end of the string. After debugging this some more, I ended up
using Cliff's original patch.
* Infinite loop in is_only_below()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94284
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:09:59 +0000 (02:09 +0000)]
proxy will have a different verify callback
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94283
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:06:57 +0000 (02:06 +0000)]
proxy needs to use client ssl method
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94282
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:01:49 +0000 (02:01 +0000)]
setup sc->proxy->sc
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94281
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 02:00:20 +0000 (02:00 +0000)]
add ssl_config_server_new function to fold some duplication in server
create/merge and to make sure merge config is fully inititialized
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94280
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:56:40 +0000 (01:56 +0000)]
inititialize and merge proxy config
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94279
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:42:04 +0000 (01:42 +0000)]
no point in merging things which are not set until after merge happens.
make a note of those which are set during module init.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94278
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Fri, 29 Mar 2002 01:24:10 +0000 (01:24 +0000)]
'ctx' traditionally refers to an SSL_CTX. change modssl_ctx_t
instances to 'mctx'
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94277
13f79535 -47bb-0310-9956-
ffa450edef68
Bradley Nicholes [Fri, 29 Mar 2002 00:39:56 +0000 (00:39 +0000)]
Stop the while loop from incrementing twice per iteration before checking for
the NULL terminator. This was causing the while loop to walk off the end of any
string with an odd number of characters.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94276
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:50:48 +0000 (19:50 +0000)]
ctx->sc is set during init
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94275
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:48:31 +0000 (19:48 +0000)]
switch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
functions
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94274
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 19:15:03 +0000 (19:15 +0000)]
make merging of modssl_ctx_t's generic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94273
13f79535 -47bb-0310-9956-
ffa450edef68
Joshua Slive [Thu, 28 Mar 2002 19:04:48 +0000 (19:04 +0000)]
Update Redhat layout to v7.
PR: BZ-7422
Submitted by: Joe Orton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94272
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:58:06 +0000 (18:58 +0000)]
moving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94271
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:54:52 +0000 (18:54 +0000)]
remove unused cfgMerge{Table,Ctx} macros
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94269
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:53:54 +0000 (18:53 +0000)]
moving protocol location
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94268
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 18:50:07 +0000 (18:50 +0000)]
breakup SSLSrvConfigRec in preparation for proxy support:
+ modssl_pk_server_t - certs/keys for the server
+ modssl_pk_proxy_t - certs/keys for the proxy
+ modssl_auth_ctx_t - stuff related to authentication that can also
be per-dir, used by both server and proxy
+ modssl_ctx_t - context that can be used by both server and proxy
+ SSLSrvConfigRec - now contains original stuff specific to the
server config and modssl_ctx_t *server, *proxy
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94267
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:23:50 +0000 (17:23 +0000)]
ripping out some proxy stuff that isn't currently in use and is going
to change anyhow.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94266
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:16:41 +0000 (17:16 +0000)]
already added configure check for SSL_set_cert_store
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94265
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 17:11:12 +0000 (17:11 +0000)]
de-hungarian-ize server config member names which are going to stay
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94264
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 16:47:36 +0000 (16:47 +0000)]
reorder a bit of the server config structure, moving items that are
going to stay there to the top.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94263
13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Thu, 28 Mar 2002 11:17:59 +0000 (11:17 +0000)]
signature of quick_handler hook changed
(mod_example's quick_handler hook doesn't have to do anything
with the new parameter)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94262
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:51:52 +0000 (02:51 +0000)]
remove error msg hint that is no longer true
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94261
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:46:28 +0000 (02:46 +0000)]
fixup naming:
ssl_init_ctx_* will be used for both proxy and server
ssl_init_server_* is specific to the server
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94260
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:40:01 +0000 (02:40 +0000)]
move context callback setting to ssl_init_ctx_callbacks function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94259
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:36:05 +0000 (02:36 +0000)]
move server cert/key initialization to ssl_init_server_certs function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94258
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:28:06 +0000 (02:28 +0000)]
copy DSA params to server server during key import
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94257
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:09:58 +0000 (02:09 +0000)]
fix logic from last commit, need to always try importing _both_ rsa
and dsa
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94256
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 02:01:03 +0000 (02:01 +0000)]
fold some duplication into generic ssl_server_import_key function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94255
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Thu, 28 Mar 2002 01:57:03 +0000 (01:57 +0000)]
Revert my last fix, which broke more things than it fixed
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94254
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:47:50 +0000 (01:47 +0000)]
fold some duplication into generic ssl_server_import_cert function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94253
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:32:41 +0000 (01:32 +0000)]
move server cert checking into generic ssl_check_public_cert function.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94252
13f79535 -47bb-0310-9956-
ffa450edef68
Brian Pane [Thu, 28 Mar 2002 01:19:58 +0000 (01:19 +0000)]
Don't walk past the end of the tag in ap_ssi_get_tag_and_value()
Discovered by: Cliff Woolley
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94251
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:14:53 +0000 (01:14 +0000)]
move server specific init config checks into ssl_init_check_server
function (ssl_init_check_proxy will be different)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94250
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 01:07:20 +0000 (01:07 +0000)]
break out certificate chain initialization into
ssl_init_cert_chain function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94249
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Thu, 28 Mar 2002 01:05:24 +0000 (01:05 +0000)]
ap_run_sub_req does not return apr_status, so we shouldn't be checking
APR_STATUS_IS_EPIPE(). Also, remove the code that assumed the sub_req_lookup_uri
actually served up the content in the quick handler. We now call the quick_handler
in ap_run_sub_req()
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94248
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Thu, 28 Mar 2002 00:34:13 +0000 (00:34 +0000)]
there is a heaping pile of:
ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID)
add SSL_INIT flag to cut down some noise and end up with:
ssl_log(s, flags, "...")
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94247
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:53:27 +0000 (23:53 +0000)]
break out certificate revocation list initialization into
ssl_init_crl function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:49:09 +0000 (23:49 +0000)]
break out cipher suite initialization into ssl_init_cipher_suite function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94245
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:35:31 +0000 (23:35 +0000)]
"new" is a c++ keyword; s/new/mrg/g in config merge functions
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94244
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:25:58 +0000 (23:25 +0000)]
move warning about session cache not being configured to ssl_scache_init
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94243
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 23:19:08 +0000 (23:19 +0000)]
break out SSL_CTX session initialization into
ssl_init_session_cache_ctx function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94242
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 22:57:47 +0000 (22:57 +0000)]
add entry for sslc compat layer changes
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94241
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Wed, 27 Mar 2002 22:42:16 +0000 (22:42 +0000)]
Add a new parameter to the quick_handler hook to instruct
quick handlers to optionally do a lookup rather than actually
serve content. This is the first of several changes required fix
several problems with how quick handlers work with subrequests.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94240
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 22:31:33 +0000 (22:31 +0000)]
add license
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94239
13f79535 -47bb-0310-9956-
ffa450edef68
Bradley Nicholes [Wed, 27 Mar 2002 22:13:26 +0000 (22:13 +0000)]
Switched to xcopy commands in the make file so that we are sure all of the
document directories are copied during the install processing
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94238
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Wed, 27 Mar 2002 21:20:37 +0000 (21:20 +0000)]
Ensure CACHE_OUT gets installed in front of SUBREQ_CORE on subrequsts.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94236
13f79535 -47bb-0310-9956-
ffa450edef68
Cliff Woolley [Wed, 27 Mar 2002 21:16:37 +0000 (21:16 +0000)]
"Oops" has two o's in it. :)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94235
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 21:14:49 +0000 (21:14 +0000)]
break SSL_CTX initialization into ssl_init_ctx function
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94234
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 21:07:08 +0000 (21:07 +0000)]
(starting to break apart the init code into smaller, generic functions,
preparing for proxy support)
break out verify code into ssl_init_verify function.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94233
13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Wed, 27 Mar 2002 20:37:32 +0000 (20:37 +0000)]
worker MPM:
get MaxRequestsPerChild to work again by allowing the main thread of
a child to be interrupted by one of the other threads in the process
this should get graceful termination to work after encountering one of
the various possible error conditions in the listener and worker threads
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94232
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 19:38:05 +0000 (19:38 +0000)]
bringing back MOD_SSL_VERSION macro, define it to AP_SERVER_BASEVERSION
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94231
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 19:11:11 +0000 (19:11 +0000)]
adjustment for sslc where its PEM_read_bio_PrivateKey does not take a
callback arg.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94230
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Wed, 27 Mar 2002 19:06:52 +0000 (19:06 +0000)]
Update the MSVC++ project files. The debug databases were conficting between
the different cache projects.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94229
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 18:46:49 +0000 (18:46 +0000)]
static-ize {write,read}tty variables
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94227
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 18:20:37 +0000 (18:20 +0000)]
move prototype for modssl_session_get_time to ssl_util_ssl.h
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94226
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 18:19:44 +0000 (18:19 +0000)]
add modssl_dh_configure() function to fold some duplication in
get_dh{512,1024} and provide toolkit compat for sslc 2.x
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94225
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 17:02:56 +0000 (17:02 +0000)]
add configure checks for ssl functions:
-SSL_set_state: macro in OpenSSL, might be a function in a patched sslc
-SSL_set_cert_store: patch submitted to OpenSSL, might be applied to
OpenSSL or sslc
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94223
13f79535 -47bb-0310-9956-
ffa450edef68
Bill Stoddard [Wed, 27 Mar 2002 15:30:41 +0000 (15:30 +0000)]
This might be helpful to folks readong code and reading this document to understand
how their filter should work.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94222
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Wed, 27 Mar 2002 14:24:32 +0000 (14:24 +0000)]
Document the APR change that bubbles up
to affect Apache. The default ordering of the accept metux method
has been changed to match 1.3
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94221
13f79535 -47bb-0310-9956-
ffa450edef68
Jeff Trawick [Wed, 27 Mar 2002 13:05:14 +0000 (13:05 +0000)]
style improvement for checking whether the result of an
assignment was NULL
Submitted by: Sander Striker
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94220
13f79535 -47bb-0310-9956-
ffa450edef68
Jim Jagielski [Wed, 27 Mar 2002 12:55:35 +0000 (12:55 +0000)]
Depreciate mod_proxy's own CHANGES file
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94219
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 06:01:03 +0000 (06:01 +0000)]
fix doofo in last commit
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94218
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 05:58:31 +0000 (05:58 +0000)]
sslc 1.x does not have an x509v3.h
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94217
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 05:50:56 +0000 (05:50 +0000)]
sslc does not currently support X509V3_EXT_d2i
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94216
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 04:02:46 +0000 (04:02 +0000)]
toolkit compat for PEM_read_bio_PrivateKey
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94215
13f79535 -47bb-0310-9956-
ffa450edef68
Doug MacEachern [Wed, 27 Mar 2002 03:58:26 +0000 (03:58 +0000)]
use compat macro for another PEM_read_bio_X509
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94214
13f79535 -47bb-0310-9956-
ffa450edef68