www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Add PKCS#7 support.

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@424707 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Ben Laurie
2006-07-23 10:55:07 +00:00
parent 617840c8c2
commit 892785ce39
6 changed files with 109 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
modules/ssl/ssl_engine_init.c
View File

@@ -357,7 +357,7 @@ static void ssl_init_server_check(server_rec *s,
* check for important parameters and the
* possibility that the user forgot to set them.
*/
if (!mctx->pks->cert_files[0]) {
if (!mctx->pks->cert_files[0] && !mctx->pkcs7) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
"No SSL Certificate set [hint: SSLCertificateFile]");
ssl_die();
@@ -648,6 +648,16 @@ static void ssl_init_ctx_crl(server_rec *s,
}
}
static void ssl_init_ctx_pkcs7_cert_chain(server_rec *s,modssl_ctx_t *mctx)
{
STACK_OF(X509) *certs=ssl_read_pkcs7(s, mctx->pkcs7);
int n;
if (!mctx->ssl_ctx->extra_certs)
for (n = 1; n < sk_X509_num(certs); ++n)
SSL_CTX_add_extra_chain_cert(mctx->ssl_ctx, sk_X509_value(certs, n));
}
static void ssl_init_ctx_cert_chain(server_rec *s,
apr_pool_t *p,
apr_pool_t *ptemp,
@@ -657,6 +667,11 @@ static void ssl_init_ctx_cert_chain(server_rec *s,
int i, n;
const char *chain = mctx->cert_chain;
if (mctx->pkcs7) {
ssl_init_ctx_pkcs7_cert_chain(s,mctx);
return;
}
/*
* Optionally configure extra server certificate chain certificates.
* This is usually done by OpenSSL automatically when one of the