From 934bb7f29b5c04013a0ba1bf16683a455f48fa00 Mon Sep 17 00:00:00 2001
From: Doug MacEachern <dougm@apache.org>
Date: Wed, 27 Mar 2002 23:53:27 +0000
Subject: [PATCH] break out certificate revocation list initialization into
 ssl_init_crl function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246 13f79535-47bb-0310-9956-ffa450edef68
---
 modules/ssl/ssl_engine_init.c | 55 ++++++++++++++++++++++-------------
 1 file changed, 34 insertions(+), 21 deletions(-)

diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 622f73d06c..000f3d5d67 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -557,6 +557,38 @@ static void ssl_init_cipher_suite(server_rec *s,
     }
 }
 
+static void ssl_init_crl(server_rec *s,
+                         apr_pool_t *p,
+                         apr_pool_t *ptemp,
+                         SSLSrvConfigRec *sc)
+{
+    const char *vhost_id = sc->szVHostID;
+
+    /*
+     * Configure Certificate Revocation List (CRL) Details
+     */
+
+    if (!(sc->szCARevocationFile || sc->szCARevocationPath)) {
+        return;
+    }
+
+    ssl_log(s, SSL_LOG_TRACE,
+            "Init: (%s) Configuring certificate revocation facility",
+            vhost_id);
+
+    sc->pRevocationStore =
+        SSL_X509_STORE_create((char *)sc->szCARevocationFile,
+                              (char *)sc->szCARevocationPath);
+
+    if (!sc->pRevocationStore) {
+        ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
+                "Init: (%s) Unable to configure X.509 CRL storage "
+                "for certificate revocation",
+                vhost_id);
+        ssl_die();
+    }
+}
+
 /*
  * Configure a particular server
  */
@@ -613,6 +645,8 @@ void ssl_init_ConfigureServer(server_rec *s,
 
     ssl_init_cipher_suite(s, p, ptemp, sc);
 
+    ssl_init_crl(s, p, ptemp, sc);
+
     SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
     SSL_CTX_set_tmp_dh_callback(ctx,  ssl_callback_TmpDH);
 
@@ -621,27 +655,6 @@ void ssl_init_ConfigureServer(server_rec *s,
         SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState);
     }
 
-    /*
-     * Configure Certificate Revocation List (CRL) Details
-     */
-    if (sc->szCARevocationFile || sc->szCARevocationPath) {
-        ssl_log(s, SSL_LOG_TRACE,
-                "Init: (%s) Configuring certificate revocation facility",
-                vhost_id);
-
-        sc->pRevocationStore =
-            SSL_X509_STORE_create((char *)sc->szCARevocationFile,
-                                  (char *)sc->szCARevocationPath);
-
-        if (!sc->pRevocationStore) {
-            ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
-                    "Init: (%s) Unable to configure X.509 CRL storage "
-                    "for certificate revocation",
-                    vhost_id);
-            ssl_die();
-        }
-    }
-
     /*
      *  Configure server certificate(s)
      */
-- 
2.50.1