]> granicus.if.org Git - apache/log
apache
22 years agoadd myCtxConfig macro
Doug MacEachern [Sat, 30 Mar 2002 05:57:59 +0000 (05:57 +0000)]
add myCtxConfig macro

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94331 13f79535-47bb-0310-9956-ffa450edef68

22 years agoimplement proxy client certificate callback
Doug MacEachern [Sat, 30 Mar 2002 05:40:02 +0000 (05:40 +0000)]
implement proxy client certificate callback
(uses SSLProxyMachineCertificate{File,Cert} when downstream server
requires a client certificate)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94329 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinput filter should not return failure when ssl runtime wants to read more
Doug MacEachern [Sat, 30 Mar 2002 05:16:55 +0000 (05:16 +0000)]
input filter should not return failure when ssl runtime wants to read more

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94328 13f79535-47bb-0310-9956-ffa450edef68

22 years agossl_io_input_read needs to return something other than APR_SUCCESS
Doug MacEachern [Sat, 30 Mar 2002 04:52:48 +0000 (04:52 +0000)]
ssl_io_input_read needs to return something other than APR_SUCCESS
when bucket read from socket was successful,
but there was an error within the ssl runtime.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94327 13f79535-47bb-0310-9956-ffa450edef68

22 years agoload SSLProxyMachineCertificate{File,Path}
Doug MacEachern [Sat, 30 Mar 2002 01:50:10 +0000 (01:50 +0000)]
load SSLProxyMachineCertificate{File,Path}

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94324 13f79535-47bb-0310-9956-ffa450edef68

22 years agoenable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
Doug MacEachern [Sat, 30 Mar 2002 01:41:35 +0000 (01:41 +0000)]
enable/cleanup SSL_X509_INFO_load_{file,path} functions for use in
proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94323 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFix the version string. We want to end up with "mod_ssl/2.0.xx", not
Cliff Woolley [Sat, 30 Mar 2002 00:00:21 +0000 (00:00 +0000)]
Fix the version string.  We want to end up with "mod_ssl/2.0.xx", not
"mod_ssl/Apache/2.0.xx".

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94320 13f79535-47bb-0310-9956-ffa450edef68

22 years agoCloudy today.
Joshua Slive [Fri, 29 Mar 2002 19:22:47 +0000 (19:22 +0000)]
Cloudy today.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94317 13f79535-47bb-0310-9956-ffa450edef68

22 years agoRemoved email address on request - as obviscation was slammed down on the list -...
Dirk-Willem van Gulik [Fri, 29 Mar 2002 19:20:40 +0000 (19:20 +0000)]
Removed email address on request - as obviscation was slammed down on the list - and Google is your friend in any case

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94315 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd SSLProxyEngine directive. this was not required in the 1.x based
Doug MacEachern [Fri, 29 Mar 2002 17:56:33 +0000 (17:56 +0000)]
add SSLProxyEngine directive.  this was not required in the 1.x based
mod_ssl because the SSL_CTX was created and configured for *every*
request.  unlike in 2.0 where we configure the proxy SSL_CTX at
startup time, which is much better for performance.  but we don't want
to configure a proxy context for every vhost if it isn't going to be
used, for the same reasons we don't create a server context for every
vhost unless SSLEngine is on.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94314 13f79535-47bb-0310-9956-ffa450edef68

22 years agocheck the return value of ap_proxy_ssl_enable
Doug MacEachern [Fri, 29 Mar 2002 17:48:28 +0000 (17:48 +0000)]
check the return value of ap_proxy_ssl_enable

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94313 13f79535-47bb-0310-9956-ffa450edef68

22 years agoSyncing makes no sense now
Jim Jagielski [Fri, 29 Mar 2002 16:21:48 +0000 (16:21 +0000)]
Syncing makes no sense now

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94309 13f79535-47bb-0310-9956-ffa450edef68

22 years agoPR:
Paul J. Reder [Fri, 29 Mar 2002 16:15:33 +0000 (16:15 +0000)]
PR:
Obtained from:
Submitted by: Paul J. Reder
Reviewed by:

Remove the MPM_SYNC_CHILD_TABLE macro since there is no longer a scoreboard
file that needs to be synched.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94308 13f79535-47bb-0310-9956-ffa450edef68

22 years agoThe old, legacy (and unused) code in which the scoreboard was totally
Jim Jagielski [Fri, 29 Mar 2002 14:33:50 +0000 (14:33 +0000)]
The old, legacy (and unused) code in which the scoreboard was totally
and completely contained in a file (SCOREBOARD_FILE) has been
removed. This does not affect scoreboards which are *mapped* to
files using named-shared-memory at all. This implies that scoreboards
must be based, at some level, on native shared memory (mmap, shm_open,
shmget, whatever), but the code has assumed that for quite awhile
now. Having the scoreboard be *based* on a file makes no sense today.

PR:
Obtained from:
Submitted by:
Reviewed by:

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94306 13f79535-47bb-0310-9956-ffa450edef68

22 years agoBUCKET FREELISTS
Cliff Woolley [Fri, 29 Mar 2002 08:17:26 +0000 (08:17 +0000)]
BUCKET FREELISTS

Add an allocator-passing mechanism throughout the bucket brigades API.

From Apache's standpoint, the apr_bucket_alloc_t* used throughout a given
connection is stored in the conn_rec by the create_connection hook.  That
means it's the MPM's job to optimize recycling of apr_bucket_alloc_t's --
the MPM must ensure that no two threads can ever use the same one at the
same time, for instance.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94304 13f79535-47bb-0310-9956-ffa450edef68

22 years agoimport ssl_proxy_enable in the post config phase, otherwise LoadModule
Doug MacEachern [Fri, 29 Mar 2002 08:04:04 +0000 (08:04 +0000)]
import ssl_proxy_enable in the post config phase, otherwise LoadModule
order may leave us without the function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94303 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove ssl_engine_ext.c
Doug MacEachern [Fri, 29 Mar 2002 07:37:28 +0000 (07:37 +0000)]
remove ssl_engine_ext.c

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94302 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremoving old proxy extension code
Doug MacEachern [Fri, 29 Mar 2002 07:36:01 +0000 (07:36 +0000)]
removing old proxy extension code

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94301 13f79535-47bb-0310-9956-ffa450edef68

22 years agohook into mod_ssl for https support
Doug MacEachern [Fri, 29 Mar 2002 07:29:11 +0000 (07:29 +0000)]
hook into mod_ssl for https support

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94300 13f79535-47bb-0310-9956-ffa450edef68

22 years agoneed to flush output buffer before reading in proxy mode
Doug MacEachern [Fri, 29 Mar 2002 07:23:09 +0000 (07:23 +0000)]
need to flush output buffer before reading in proxy mode

need to call ssl_hook_process_connection in the output filter in proxy
mode, since proxy hits the output filter before the input filter

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94299 13f79535-47bb-0310-9956-ffa450edef68

22 years agoin proxy mode we need to SSL_connect rather than SSL_accept in
Doug MacEachern [Fri, 29 Mar 2002 07:22:43 +0000 (07:22 +0000)]
in proxy mode we need to SSL_connect rather than SSL_accept in
ssl_hook_process_connection.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94298 13f79535-47bb-0310-9956-ffa450edef68

22 years agoThese two variables were left uninitialized accidentally.
Cliff Woolley [Fri, 29 Mar 2002 07:12:01 +0000 (07:12 +0000)]
These two variables were left uninitialized accidentally.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94297 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDocument the variable expansion enhancements for mod_include
Brian Pane [Fri, 29 Mar 2002 06:26:03 +0000 (06:26 +0000)]
Document the variable expansion enhancements for mod_include

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94295 13f79535-47bb-0310-9956-ffa450edef68

22 years agoAllow variable expansion within in the "var" arg to <!--#echo
Brian Pane [Fri, 29 Mar 2002 05:58:39 +0000 (05:58 +0000)]
Allow variable expansion within in the "var" arg to <!--#echo
and <!--#set, so that people can do things like this:
  <!--#echo var="${foo}_${bar}" -->

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94294 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd optional function (ssl_proxy_enable) to turn on ssl proxy
Doug MacEachern [Fri, 29 Mar 2002 04:50:37 +0000 (04:50 +0000)]
add optional function (ssl_proxy_enable) to turn on ssl proxy

choose SSL_CTX based on SSLConnRec.is_proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94293 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinit proxy context
Doug MacEachern [Fri, 29 Mar 2002 04:48:01 +0000 (04:48 +0000)]
init proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94292 13f79535-47bb-0310-9956-ffa450edef68

22 years agoReplaced my fix for the is_only_below() bug with Cliff's faster
Brian Pane [Fri, 29 Mar 2002 04:47:10 +0000 (04:47 +0000)]
Replaced my fix for the is_only_below() bug with Cliff's faster
and simpler version.
Submitted by: Cliff Woolley

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94291 13f79535-47bb-0310-9956-ffa450edef68

22 years agos/id/mode/ in ssl_cmd_SSLProxyVerify
Doug MacEachern [Fri, 29 Mar 2002 03:19:12 +0000 (03:19 +0000)]
s/id/mode/ in ssl_cmd_SSLProxyVerify

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94290 13f79535-47bb-0310-9956-ffa450edef68

22 years agouse ssl_cmd_verify_parse for SSLProxyVerify directive handler
Doug MacEachern [Fri, 29 Mar 2002 03:05:49 +0000 (03:05 +0000)]
use ssl_cmd_verify_parse for SSLProxyVerify directive handler

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94289 13f79535-47bb-0310-9956-ffa450edef68

22 years agocleanup the proxy context
Doug MacEachern [Fri, 29 Mar 2002 02:59:27 +0000 (02:59 +0000)]
cleanup the proxy context

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94288 13f79535-47bb-0310-9956-ffa450edef68

22 years agos/ctx/dcfg/g in ssl directive handlers
Doug MacEachern [Fri, 29 Mar 2002 02:48:20 +0000 (02:48 +0000)]
s/ctx/dcfg/g in ssl directive handlers

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94287 13f79535-47bb-0310-9956-ffa450edef68

22 years agoenable proxy directives
Doug MacEachern [Fri, 29 Mar 2002 02:43:33 +0000 (02:43 +0000)]
enable proxy directives

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94286 13f79535-47bb-0310-9956-ffa450edef68

22 years agochange existing ssl_init_ctx() to ssl_init_ctx_protocol()
Doug MacEachern [Fri, 29 Mar 2002 02:20:58 +0000 (02:20 +0000)]
change existing ssl_init_ctx() to ssl_init_ctx_protocol()

new ssl_init_ctx() inits the lot: protocol, session_cache, callbacks,
verify, cipher suite, crl, cert_chain

new ssl_init_server_ctx function inits everything for sc->server

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94285 13f79535-47bb-0310-9956-ffa450edef68

22 years agoFixes for three problems in mod_include:
Brian Pane [Fri, 29 Mar 2002 02:14:45 +0000 (02:14 +0000)]
Fixes for three problems in mod_include:
  * The ctx->tag_length computation in find_end_sequence() was a bit
    broken in cases where there was a "false alarm" match on a partial
    "-->"
  * The ap_ssi_get_tag_and_value() function needs to avoid walking off
    the end of the string.  After debugging this some more, I ended up
    using Cliff's original patch.
  * Infinite loop in is_only_below()

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94284 13f79535-47bb-0310-9956-ffa450edef68

22 years agoproxy will have a different verify callback
Doug MacEachern [Fri, 29 Mar 2002 02:09:59 +0000 (02:09 +0000)]
proxy will have a different verify callback

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94283 13f79535-47bb-0310-9956-ffa450edef68

22 years agoproxy needs to use client ssl method
Doug MacEachern [Fri, 29 Mar 2002 02:06:57 +0000 (02:06 +0000)]
proxy needs to use client ssl method

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94282 13f79535-47bb-0310-9956-ffa450edef68

22 years agosetup sc->proxy->sc
Doug MacEachern [Fri, 29 Mar 2002 02:01:49 +0000 (02:01 +0000)]
setup sc->proxy->sc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94281 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd ssl_config_server_new function to fold some duplication in server
Doug MacEachern [Fri, 29 Mar 2002 02:00:20 +0000 (02:00 +0000)]
add ssl_config_server_new function to fold some duplication in server
create/merge and to make sure merge config is fully inititialized

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94280 13f79535-47bb-0310-9956-ffa450edef68

22 years agoinititialize and merge proxy config
Doug MacEachern [Fri, 29 Mar 2002 01:56:40 +0000 (01:56 +0000)]
inititialize and merge proxy config

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94279 13f79535-47bb-0310-9956-ffa450edef68

22 years agono point in merging things which are not set until after merge happens.
Doug MacEachern [Fri, 29 Mar 2002 01:42:04 +0000 (01:42 +0000)]
no point in merging things which are not set until after merge happens.
make a note of those which are set during module init.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94278 13f79535-47bb-0310-9956-ffa450edef68

22 years ago'ctx' traditionally refers to an SSL_CTX. change modssl_ctx_t
Doug MacEachern [Fri, 29 Mar 2002 01:24:10 +0000 (01:24 +0000)]
'ctx' traditionally refers to an SSL_CTX.  change modssl_ctx_t
instances to 'mctx'

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94277 13f79535-47bb-0310-9956-ffa450edef68

22 years agoStop the while loop from incrementing twice per iteration before checking for
Bradley Nicholes [Fri, 29 Mar 2002 00:39:56 +0000 (00:39 +0000)]
Stop the while loop from incrementing twice per iteration before checking for
the NULL terminator.  This was causing the while loop to walk off the end of any
string with an odd number of characters.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94276 13f79535-47bb-0310-9956-ffa450edef68

22 years agoctx->sc is set during init
Doug MacEachern [Thu, 28 Mar 2002 19:50:48 +0000 (19:50 +0000)]
ctx->sc is set during init

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94275 13f79535-47bb-0310-9956-ffa450edef68

22 years agoswitch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
Doug MacEachern [Thu, 28 Mar 2002 19:48:31 +0000 (19:48 +0000)]
switch from SSLSrvConfigRec* to modssl_ctx_t* in the ssl_init_ctx*
functions

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94274 13f79535-47bb-0310-9956-ffa450edef68

22 years agomake merging of modssl_ctx_t's generic
Doug MacEachern [Thu, 28 Mar 2002 19:15:03 +0000 (19:15 +0000)]
make merging of modssl_ctx_t's generic

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94273 13f79535-47bb-0310-9956-ffa450edef68

22 years agoUpdate Redhat layout to v7.
Joshua Slive [Thu, 28 Mar 2002 19:04:48 +0000 (19:04 +0000)]
Update Redhat layout to v7.

PR: BZ-7422
Submitted by: Joe Orton

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94272 13f79535-47bb-0310-9956-ffa450edef68

22 years agomoving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else
Doug MacEachern [Thu, 28 Mar 2002 18:58:06 +0000 (18:58 +0000)]
moving cfgMerge macros to ssl_engine_config.c, they are not used anywhere else

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94271 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove unused cfgMerge{Table,Ctx} macros
Doug MacEachern [Thu, 28 Mar 2002 18:54:52 +0000 (18:54 +0000)]
remove unused cfgMerge{Table,Ctx} macros

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94269 13f79535-47bb-0310-9956-ffa450edef68

22 years agomoving protocol location
Doug MacEachern [Thu, 28 Mar 2002 18:53:54 +0000 (18:53 +0000)]
moving protocol location

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94268 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreakup SSLSrvConfigRec in preparation for proxy support:
Doug MacEachern [Thu, 28 Mar 2002 18:50:07 +0000 (18:50 +0000)]
breakup SSLSrvConfigRec in preparation for proxy support:
+ modssl_pk_server_t - certs/keys for the server
+ modssl_pk_proxy_t  - certs/keys for the proxy
+ modssl_auth_ctx_t  - stuff related to authentication that can also
                       be per-dir, used by both server and proxy
+ modssl_ctx_t       - context that can be used by both server and proxy
+ SSLSrvConfigRec    - now contains original stuff specific to the
                       server config and modssl_ctx_t *server, *proxy

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94267 13f79535-47bb-0310-9956-ffa450edef68

22 years agoripping out some proxy stuff that isn't currently in use and is going
Doug MacEachern [Thu, 28 Mar 2002 17:23:50 +0000 (17:23 +0000)]
ripping out some proxy stuff that isn't currently in use and is going
to change anyhow.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94266 13f79535-47bb-0310-9956-ffa450edef68

22 years agoalready added configure check for SSL_set_cert_store
Doug MacEachern [Thu, 28 Mar 2002 17:16:41 +0000 (17:16 +0000)]
already added configure check for SSL_set_cert_store

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94265 13f79535-47bb-0310-9956-ffa450edef68

22 years agode-hungarian-ize server config member names which are going to stay
Doug MacEachern [Thu, 28 Mar 2002 17:11:12 +0000 (17:11 +0000)]
de-hungarian-ize server config member names which are going to stay

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94264 13f79535-47bb-0310-9956-ffa450edef68

22 years agoreorder a bit of the server config structure, moving items that are
Doug MacEachern [Thu, 28 Mar 2002 16:47:36 +0000 (16:47 +0000)]
reorder a bit of the server config structure, moving items that are
going to stay there to the top.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94263 13f79535-47bb-0310-9956-ffa450edef68

22 years agosignature of quick_handler hook changed
Jeff Trawick [Thu, 28 Mar 2002 11:17:59 +0000 (11:17 +0000)]
signature of quick_handler hook changed

(mod_example's quick_handler hook doesn't have to do anything
with the new parameter)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94262 13f79535-47bb-0310-9956-ffa450edef68

22 years agoremove error msg hint that is no longer true
Doug MacEachern [Thu, 28 Mar 2002 02:51:52 +0000 (02:51 +0000)]
remove error msg hint that is no longer true

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94261 13f79535-47bb-0310-9956-ffa450edef68

22 years agofixup naming:
Doug MacEachern [Thu, 28 Mar 2002 02:46:28 +0000 (02:46 +0000)]
fixup naming:
 ssl_init_ctx_* will be used for both proxy and server
 ssl_init_server_* is specific to the server

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94260 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove context callback setting to ssl_init_ctx_callbacks function
Doug MacEachern [Thu, 28 Mar 2002 02:40:01 +0000 (02:40 +0000)]
move context callback setting to ssl_init_ctx_callbacks function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94259 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server cert/key initialization to ssl_init_server_certs function
Doug MacEachern [Thu, 28 Mar 2002 02:36:05 +0000 (02:36 +0000)]
move server cert/key initialization to ssl_init_server_certs function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94258 13f79535-47bb-0310-9956-ffa450edef68

22 years agocopy DSA params to server server during key import
Doug MacEachern [Thu, 28 Mar 2002 02:28:06 +0000 (02:28 +0000)]
copy DSA params to server server during key import

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94257 13f79535-47bb-0310-9956-ffa450edef68

22 years agofix logic from last commit, need to always try importing _both_ rsa
Doug MacEachern [Thu, 28 Mar 2002 02:09:58 +0000 (02:09 +0000)]
fix logic from last commit, need to always try importing _both_ rsa
and dsa

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94256 13f79535-47bb-0310-9956-ffa450edef68

22 years agofold some duplication into generic ssl_server_import_key function
Doug MacEachern [Thu, 28 Mar 2002 02:01:03 +0000 (02:01 +0000)]
fold some duplication into generic ssl_server_import_key function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94255 13f79535-47bb-0310-9956-ffa450edef68

22 years agoRevert my last fix, which broke more things than it fixed
Brian Pane [Thu, 28 Mar 2002 01:57:03 +0000 (01:57 +0000)]
Revert my last fix, which broke more things than it fixed

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94254 13f79535-47bb-0310-9956-ffa450edef68

22 years agofold some duplication into generic ssl_server_import_cert function
Doug MacEachern [Thu, 28 Mar 2002 01:47:50 +0000 (01:47 +0000)]
fold some duplication into generic ssl_server_import_cert function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94253 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server cert checking into generic ssl_check_public_cert function.
Doug MacEachern [Thu, 28 Mar 2002 01:32:41 +0000 (01:32 +0000)]
move server cert checking into generic ssl_check_public_cert function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94252 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDon't walk past the end of the tag in ap_ssi_get_tag_and_value()
Brian Pane [Thu, 28 Mar 2002 01:19:58 +0000 (01:19 +0000)]
Don't walk past the end of the tag in ap_ssi_get_tag_and_value()
Discovered by: Cliff Woolley

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94251 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove server specific init config checks into ssl_init_check_server
Doug MacEachern [Thu, 28 Mar 2002 01:14:53 +0000 (01:14 +0000)]
move server specific init config checks into ssl_init_check_server
function (ssl_init_check_proxy will be different)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94250 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out certificate chain initialization into
Doug MacEachern [Thu, 28 Mar 2002 01:07:20 +0000 (01:07 +0000)]
break out certificate chain initialization into
ssl_init_cert_chain function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94249 13f79535-47bb-0310-9956-ffa450edef68

22 years agoap_run_sub_req does not return apr_status, so we shouldn't be checking
Bill Stoddard [Thu, 28 Mar 2002 01:05:24 +0000 (01:05 +0000)]
ap_run_sub_req does not return apr_status, so we shouldn't be checking
APR_STATUS_IS_EPIPE(). Also, remove the code that assumed the sub_req_lookup_uri
actually served up the content in the quick handler. We now call the quick_handler
in ap_run_sub_req()

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94248 13f79535-47bb-0310-9956-ffa450edef68

22 years agothere is a heaping pile of:
Doug MacEachern [Thu, 28 Mar 2002 00:34:13 +0000 (00:34 +0000)]
there is a heaping pile of:
 ssl_log(s, flags, "Init: (%s) ...", sc->szVHostID)
add SSL_INIT flag to cut down some noise and end up with:
 ssl_log(s, flags, "...")

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94247 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out certificate revocation list initialization into
Doug MacEachern [Wed, 27 Mar 2002 23:53:27 +0000 (23:53 +0000)]
break out certificate revocation list initialization into
ssl_init_crl function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out cipher suite initialization into ssl_init_cipher_suite function
Doug MacEachern [Wed, 27 Mar 2002 23:49:09 +0000 (23:49 +0000)]
break out cipher suite initialization into ssl_init_cipher_suite function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94245 13f79535-47bb-0310-9956-ffa450edef68

22 years ago"new" is a c++ keyword; s/new/mrg/g in config merge functions
Doug MacEachern [Wed, 27 Mar 2002 23:35:31 +0000 (23:35 +0000)]
"new" is a c++ keyword; s/new/mrg/g in config merge functions

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94244 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove warning about session cache not being configured to ssl_scache_init
Doug MacEachern [Wed, 27 Mar 2002 23:25:58 +0000 (23:25 +0000)]
move warning about session cache not being configured to ssl_scache_init

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94243 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak out SSL_CTX session initialization into
Doug MacEachern [Wed, 27 Mar 2002 23:19:08 +0000 (23:19 +0000)]
break out SSL_CTX session initialization into
ssl_init_session_cache_ctx function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94242 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd entry for sslc compat layer changes
Doug MacEachern [Wed, 27 Mar 2002 22:57:47 +0000 (22:57 +0000)]
add entry for sslc compat layer changes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94241 13f79535-47bb-0310-9956-ffa450edef68

22 years agoAdd a new parameter to the quick_handler hook to instruct
Bill Stoddard [Wed, 27 Mar 2002 22:42:16 +0000 (22:42 +0000)]
Add a new parameter to the quick_handler hook to instruct
quick handlers to optionally do a lookup rather than actually
serve content. This is the first of several changes required fix
several problems with how quick handlers work with subrequests.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94240 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd license
Doug MacEachern [Wed, 27 Mar 2002 22:31:33 +0000 (22:31 +0000)]
add license

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94239 13f79535-47bb-0310-9956-ffa450edef68

22 years agoSwitched to xcopy commands in the make file so that we are sure all of the
Bradley Nicholes [Wed, 27 Mar 2002 22:13:26 +0000 (22:13 +0000)]
Switched to xcopy commands in the make file so that we are sure all of the
document directories are copied during the install processing

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94238 13f79535-47bb-0310-9956-ffa450edef68

22 years agoEnsure CACHE_OUT gets installed in front of SUBREQ_CORE on subrequsts.
Bill Stoddard [Wed, 27 Mar 2002 21:20:37 +0000 (21:20 +0000)]
Ensure CACHE_OUT gets installed in front of SUBREQ_CORE on subrequsts.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94236 13f79535-47bb-0310-9956-ffa450edef68

22 years ago"Oops" has two o's in it. :)
Cliff Woolley [Wed, 27 Mar 2002 21:16:37 +0000 (21:16 +0000)]
"Oops" has two o's in it.  :)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94235 13f79535-47bb-0310-9956-ffa450edef68

22 years agobreak SSL_CTX initialization into ssl_init_ctx function
Doug MacEachern [Wed, 27 Mar 2002 21:14:49 +0000 (21:14 +0000)]
break SSL_CTX initialization into ssl_init_ctx function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94234 13f79535-47bb-0310-9956-ffa450edef68

22 years ago(starting to break apart the init code into smaller, generic functions,
Doug MacEachern [Wed, 27 Mar 2002 21:07:08 +0000 (21:07 +0000)]
(starting to break apart the init code into smaller, generic functions,
preparing for proxy support)

break out verify code into ssl_init_verify function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94233 13f79535-47bb-0310-9956-ffa450edef68

22 years agoworker MPM:
Jeff Trawick [Wed, 27 Mar 2002 20:37:32 +0000 (20:37 +0000)]
worker MPM:

get MaxRequestsPerChild to work again by allowing the main thread of
a child to be interrupted by one of the other threads in the process

this should get graceful termination to work after encountering one of
the various possible error conditions in the listener and worker threads

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94232 13f79535-47bb-0310-9956-ffa450edef68

22 years agobringing back MOD_SSL_VERSION macro, define it to AP_SERVER_BASEVERSION
Doug MacEachern [Wed, 27 Mar 2002 19:38:05 +0000 (19:38 +0000)]
bringing back MOD_SSL_VERSION macro, define it to AP_SERVER_BASEVERSION

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94231 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadjustment for sslc where its PEM_read_bio_PrivateKey does not take a
Doug MacEachern [Wed, 27 Mar 2002 19:11:11 +0000 (19:11 +0000)]
adjustment for sslc where its PEM_read_bio_PrivateKey does not take a
callback arg.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94230 13f79535-47bb-0310-9956-ffa450edef68

22 years agoUpdate the MSVC++ project files. The debug databases were conficting between
Bill Stoddard [Wed, 27 Mar 2002 19:06:52 +0000 (19:06 +0000)]
Update the MSVC++ project files. The debug databases were conficting between
the different cache projects.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94229 13f79535-47bb-0310-9956-ffa450edef68

22 years agostatic-ize {write,read}tty variables
Doug MacEachern [Wed, 27 Mar 2002 18:46:49 +0000 (18:46 +0000)]
static-ize {write,read}tty variables

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94227 13f79535-47bb-0310-9956-ffa450edef68

22 years agomove prototype for modssl_session_get_time to ssl_util_ssl.h
Doug MacEachern [Wed, 27 Mar 2002 18:20:37 +0000 (18:20 +0000)]
move prototype for modssl_session_get_time to ssl_util_ssl.h

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94226 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd modssl_dh_configure() function to fold some duplication in
Doug MacEachern [Wed, 27 Mar 2002 18:19:44 +0000 (18:19 +0000)]
add modssl_dh_configure() function to fold some duplication in
get_dh{512,1024} and provide toolkit compat for sslc 2.x

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94225 13f79535-47bb-0310-9956-ffa450edef68

22 years agoadd configure checks for ssl functions:
Doug MacEachern [Wed, 27 Mar 2002 17:02:56 +0000 (17:02 +0000)]
add configure checks for ssl functions:
-SSL_set_state: macro in OpenSSL, might be a function in a patched sslc
-SSL_set_cert_store: patch submitted to OpenSSL, might be applied to
OpenSSL or sslc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94223 13f79535-47bb-0310-9956-ffa450edef68

22 years agoThis might be helpful to folks readong code and reading this document to understand
Bill Stoddard [Wed, 27 Mar 2002 15:30:41 +0000 (15:30 +0000)]
This might be helpful to folks readong code and reading this document to understand
how their filter should work.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94222 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDocument the APR change that bubbles up
Jim Jagielski [Wed, 27 Mar 2002 14:24:32 +0000 (14:24 +0000)]
Document the APR change that bubbles up
to affect Apache. The default ordering of the accept metux method
has been changed to match 1.3

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94221 13f79535-47bb-0310-9956-ffa450edef68

22 years agostyle improvement for checking whether the result of an
Jeff Trawick [Wed, 27 Mar 2002 13:05:14 +0000 (13:05 +0000)]
style improvement for checking whether the result of an
assignment was NULL

Submitted by: Sander Striker

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94220 13f79535-47bb-0310-9956-ffa450edef68

22 years agoDepreciate mod_proxy's own CHANGES file
Jim Jagielski [Wed, 27 Mar 2002 12:55:35 +0000 (12:55 +0000)]
Depreciate mod_proxy's own CHANGES file

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94219 13f79535-47bb-0310-9956-ffa450edef68

22 years agofix doofo in last commit
Doug MacEachern [Wed, 27 Mar 2002 06:01:03 +0000 (06:01 +0000)]
fix doofo in last commit

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94218 13f79535-47bb-0310-9956-ffa450edef68

22 years agosslc 1.x does not have an x509v3.h
Doug MacEachern [Wed, 27 Mar 2002 05:58:31 +0000 (05:58 +0000)]
sslc 1.x does not have an x509v3.h

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94217 13f79535-47bb-0310-9956-ffa450edef68

22 years agosslc does not currently support X509V3_EXT_d2i
Doug MacEachern [Wed, 27 Mar 2002 05:50:56 +0000 (05:50 +0000)]
sslc does not currently support X509V3_EXT_d2i

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94216 13f79535-47bb-0310-9956-ffa450edef68

22 years agotoolkit compat for PEM_read_bio_PrivateKey
Doug MacEachern [Wed, 27 Mar 2002 04:02:46 +0000 (04:02 +0000)]
toolkit compat for PEM_read_bio_PrivateKey

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94215 13f79535-47bb-0310-9956-ffa450edef68

22 years agouse compat macro for another PEM_read_bio_X509
Doug MacEachern [Wed, 27 Mar 2002 03:58:26 +0000 (03:58 +0000)]
use compat macro for another PEM_read_bio_X509

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94214 13f79535-47bb-0310-9956-ffa450edef68