From f92652706e5200dee81cc5e04a21202cab703cbc Mon Sep 17 00:00:00 2001 From: Stefan Eissing Date: Wed, 20 Dec 2017 20:43:11 +0000 Subject: [PATCH] On the 2.4.x-mod_md branch: Merged /httpd/httpd/trunk:r1818308,1818725,1818792,1818849 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x-mod_md@1818850 13f79535-47bb-0310-9956-ffa450edef68 --- modules/md/md_acme.c | 16 ++++++++++++++++ modules/md/md_acme_acct.c | 16 ++++++++++++++++ modules/md/md_acme_authz.c | 32 ++++++++++++++++++++++++++++++-- modules/md/md_acme_drive.c | 25 +++++++++++++++++-------- modules/md/md_core.c | 16 ++++++++++++++++ modules/md/md_crypt.c | 30 +++++++++++++++++++++++++----- modules/md/md_curl.c | 16 ++++++++++++++++ modules/md/md_http.c | 16 ++++++++++++++++ modules/md/md_json.c | 17 +++++++++++++++++ modules/md/md_jws.c | 16 ++++++++++++++++ modules/md/md_log.c | 16 ++++++++++++++++ modules/md/md_reg.c | 16 ++++++++++++++++ modules/md/md_store.c | 16 ++++++++++++++++ modules/md/md_store_fs.c | 16 ++++++++++++++++ modules/md/md_util.c | 16 ++++++++++++++++ modules/md/md_version.h | 4 ++-- modules/md/mod_md.c | 31 +++++++++++++++++++++++-------- modules/md/mod_md_config.c | 16 ++++++++++++++++ modules/md/mod_md_os.c | 16 ++++++++++++++++ 19 files changed, 322 insertions(+), 25 deletions(-) diff --git a/modules/md/md_acme.c b/modules/md/md_acme.c index cf0589d683..e94cac34c8 100644 --- a/modules/md/md_acme.c +++ b/modules/md/md_acme.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_acme_acct.c b/modules/md/md_acme_acct.c index 6be9ded6d0..cde9f2c400 100644 --- a/modules/md/md_acme_acct.c +++ b/modules/md/md_acme_acct.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_acme_authz.c b/modules/md/md_acme_authz.c index 2fb893c393..68fdc36801 100644 --- a/modules/md/md_acme_authz.c +++ b/modules/md/md_acme_authz.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -219,13 +235,25 @@ apr_status_t md_acme_authz_update(md_acme_authz_t *authz, md_acme_t *acme, } else if (s && !strcmp(s, "valid")) { authz->state = MD_ACME_AUTHZ_S_VALID; + if (md_log_is_level(p, MD_LOG_DEBUG)) { + md_log_perror(MD_LOG_MARK, MD_LOG_DEBUG, 0, p, "ACME server validated challenge " + "for %s in %s, ACME response is: %s", + authz->domain, authz->location, + md_json_writep(json, p, MD_JSON_FMT_COMPACT)); + } } else if (s && !strcmp(s, "invalid")) { authz->state = MD_ACME_AUTHZ_S_INVALID; + md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p, "ACME server reports challenge " + "for %s in %s as 'invalid', ACME response is: %s", + authz->domain, authz->location, + md_json_writep(json, p, MD_JSON_FMT_COMPACT)); } else if (s) { - md_log_perror(MD_LOG_MARK, MD_LOG_WARNING, 0, p, "unknown authz state '%s' " - "for %s in %s", s, authz->domain, authz->location); + md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p, "ACME server reports unrecognized " + "authz state '%s' for %s in %s, ACME response is: %s", + s, authz->domain, authz->location, + md_json_writep(json, p, MD_JSON_FMT_COMPACT)); return APR_EINVAL; } return rv; diff --git a/modules/md/md_acme_drive.c b/modules/md/md_acme_drive.c index e58367ccf8..023966ae81 100644 --- a/modules/md/md_acme_drive.c +++ b/modules/md/md_acme_drive.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -550,18 +566,11 @@ static apr_status_t get_chain(void *baton, int attempt) { md_proto_driver_t *d = baton; md_acme_driver_t *ad = d->baton; - md_cert_t *cert; const char *prev_link = NULL; apr_status_t rv = APR_SUCCESS; while (APR_SUCCESS == rv && ad->chain->nelts < 10) { int nelts = ad->chain->nelts; - if (ad->chain && nelts > 0) { - cert = APR_ARRAY_IDX(ad->chain, nelts - 1, md_cert_t *); - } - else { - cert = ad->cert; - } if (ad->next_up_link && (!prev_link || strcmp(prev_link, ad->next_up_link))) { prev_link = ad->next_up_link; @@ -885,7 +894,7 @@ static apr_status_t acme_stage(md_proto_driver_t *d) /** * The MD is complete and un-expired. This is a renewal run. * Give activation 24 hours leeway (if we have that time) to - * accomodate for clients with somewhat weird clocks. + * accommodate for clients with somewhat weird clocks. */ delay_activation = apr_time_from_sec(MD_SECS_PER_DAY); if (delay_activation > (max_delay = d->md->expires - now)) { diff --git a/modules/md/md_core.c b/modules/md/md_core.c index c079000752..4193816bd4 100644 --- a/modules/md/md_core.c +++ b/modules/md/md_core.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c index 2a6dd24428..7277806fec 100644 --- a/modules/md/md_crypt.c +++ b/modules/md/md_crypt.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -1097,16 +1113,16 @@ static apr_status_t add_must_staple(STACK_OF(X509_EXTENSION) *exts, const md_t * X509_EXTENSION *x; int nid; - nid = OBJ_create("1.3.6.1.5.5.7.1.24", "OCSPReq", "OCSP Request"); + nid = OBJ_create("1.3.6.1.5.5.7.1.24", "tlsfeature", "TLS Feature"); if (NID_undef == nid) { md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p, - "%s: unable to get NID for must-staple", md->name); - return APR_EGENERAL; + "%s: unable to get NID for v3 must-staple TLS feature", md->name); + return APR_ENOTIMPL; } x = X509V3_EXT_conf_nid(NULL, NULL, nid, (char*)"DER:30:03:02:01:05"); if (NULL == x) { md_log_perror(MD_LOG_MARK, MD_LOG_ERR, 0, p, - "%s: unable to get x509 extension for must-staple", md->name); + "%s: unable to create x509 extension for must-staple", md->name); return APR_EGENERAL; } sk_X509_EXTENSION_push(exts, x); @@ -1148,7 +1164,11 @@ apr_status_t md_cert_req_create(const char **pcsr_der_64, const md_t *md, rv = APR_EGENERAL; goto out; } if (APR_SUCCESS != (rv = add_must_staple(exts, md, p))) { - md_log_perror(MD_LOG_MARK, MD_LOG_ERR, rv, p, "%s: must staple", md->name); + md_log_perror(MD_LOG_MARK, MD_LOG_ERR, rv, p, "%s: you requested that a certificate " + "is created with the 'must-staple' extension, however the SSL library was " + "unable to initialized that extension. Please file a bug report on which platform " + "and with which library this happens. To continue before this problem is resolved, " + "configure 'MDMustStaple off' for your domains", md->name); rv = APR_EGENERAL; goto out; } /* add extensions to csr */ diff --git a/modules/md/md_curl.c b/modules/md/md_curl.c index adcae4f784..3710bb41cb 100644 --- a/modules/md/md_curl.c +++ b/modules/md/md_curl.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_http.c b/modules/md/md_http.c index 6c784fc984..89c3373bd2 100644 --- a/modules/md/md_http.c +++ b/modules/md/md_http.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/modules/md/md_json.c b/modules/md/md_json.c index bbbefd977b..ccf1ef6ae2 100644 --- a/modules/md/md_json.c +++ b/modules/md/md_json.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -95,6 +111,7 @@ md_json_t *md_json_create_s(apr_pool_t *pool, const char *s) void md_json_destroy(md_json_t *json) { if (json && json->j) { + assert(json->j->refcount > 0); json_decref(json->j); json->j = NULL; } diff --git a/modules/md/md_jws.c b/modules/md/md_jws.c index f3788b3f88..9b781cb4c9 100644 --- a/modules/md/md_jws.c +++ b/modules/md/md_jws.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_log.c b/modules/md/md_log.c index c62b69d191..aa41eb0936 100644 --- a/modules/md/md_log.c +++ b/modules/md/md_log.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_reg.c b/modules/md/md_reg.c index c0ef2836a3..f5e6dc2c07 100644 --- a/modules/md/md_reg.c +++ b/modules/md/md_reg.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_store.c b/modules/md/md_store.c index 801d69e3d6..2b7e1898d6 100644 --- a/modules/md/md_store.c +++ b/modules/md/md_store.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_store_fs.c b/modules/md/md_store_fs.c index 29c29650a8..e6a988d28a 100644 --- a/modules/md/md_store_fs.c +++ b/modules/md/md_store_fs.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_util.c b/modules/md/md_util.c index bb6f60939d..69bace4473 100644 --- a/modules/md/md_util.c +++ b/modules/md/md_util.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/md_version.h b/modules/md/md_version.h index d08b927ab4..7b0b428671 100644 --- a/modules/md/md_version.h +++ b/modules/md/md_version.h @@ -26,7 +26,7 @@ * @macro * Version number of the md module as c string */ -#define MOD_MD_VERSION "1.1.1" +#define MOD_MD_VERSION "1.1.4" /** * @macro @@ -34,7 +34,7 @@ * release. This is a 24 bit number with 8 bits for major number, 8 bits * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. */ -#define MOD_MD_VERSION_NUM 0x010101 +#define MOD_MD_VERSION_NUM 0x010104 #define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory" diff --git a/modules/md/mod_md.c b/modules/md/mod_md.c index e01c9ea61e..718b41d32d 100644 --- a/modules/md/mod_md.c +++ b/modules/md/mod_md.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2015 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -234,7 +250,7 @@ static apr_status_t assign_to_servers(md_t *md, server_rec *base_server, * If mode is "manual", a generated certificate will not match * all necessary names. */ if ((!mc->local_80 || !uses_port_only(s, mc->local_80)) - && APR_SUCCESS != (rv = md_covers_server(md, s, ptemp))) { + && APR_SUCCESS != (rv = md_covers_server(md, s, p))) { return rv; } @@ -1044,11 +1060,6 @@ static apr_status_t md_post_config(apr_pool_t *p, apr_pool_t *plog, goto out; } - if (dry_run) { - /* enough done in this case */ - return APR_SUCCESS; - } - if (APR_SUCCESS != (rv = md_reg_sync(reg, p, ptemp, mc->mds))) { ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(10073) "synching %d mds to registry", mc->mds->nelts); @@ -1056,8 +1067,8 @@ static apr_status_t md_post_config(apr_pool_t *p, apr_pool_t *plog, /* Determine the managed domains that are in auto drive_mode. For those, * determine in which state they are: - * - UNKNOWN: should not happen, report, dont drive - * - ERROR: something we do not know how to fix, report, dont drive + * - UNKNOWN: should not happen, report, don't drive + * - ERROR: something we do not know how to fix, report, don't drive * - INCOMPLETE/EXPIRED: need to drive them right away * - COMPLETE: determine when cert expires, drive when the time comes * @@ -1083,6 +1094,10 @@ static apr_status_t md_post_config(apr_pool_t *p, apr_pool_t *plog, init_ssl(); + if (dry_run) { + goto out; + } + /* If there are MDs to drive, start a watchdog to check on them regularly */ if (drive_names->nelts > 0) { ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s, APLOGNO(10074) diff --git a/modules/md/mod_md_config.c b/modules/md/mod_md_config.c index aa3c13f203..761338c342 100644 --- a/modules/md/mod_md_config.c +++ b/modules/md/mod_md_config.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); diff --git a/modules/md/mod_md_os.c b/modules/md/mod_md_os.c index 8799735a61..294785053c 100644 --- a/modules/md/mod_md_os.c +++ b/modules/md/mod_md_os.c @@ -1,3 +1,19 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /* Copyright 2017 greenbytes GmbH (https://www.greenbytes.de) * * Licensed under the Apache License, Version 2.0 (the "License"); -- 2.40.0