www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-07 04:02:58 +03:00
Code Activity

break out certificate revocation list initialization into

Browse Source 
ssl_init_crl function


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94246 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Doug MacEachern
2002-03-27 23:53:27 +00:00
parent a413cb6798
commit 934bb7f29b
1 changed files with 34 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
modules/ssl/ssl_engine_init.c
View File

@@ -557,6 +557,38 @@ static void ssl_init_cipher_suite(server_rec *s,
} }
} }
static void ssl_init_crl(server_rec *s,
apr_pool_t *p,
apr_pool_t *ptemp,
SSLSrvConfigRec *sc)
{
const char *vhost_id = sc->szVHostID;
/*
* Configure Certificate Revocation List (CRL) Details
*/
if (!(sc->szCARevocationFile || sc->szCARevocationPath)) {
return;
}
ssl_log(s, SSL_LOG_TRACE,
"Init: (%s) Configuring certificate revocation facility",
vhost_id);
sc->pRevocationStore =
SSL_X509_STORE_create((char *)sc->szCARevocationFile,
(char *)sc->szCARevocationPath);
if (!sc->pRevocationStore) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
"Init: (%s) Unable to configure X.509 CRL storage "
"for certificate revocation",
vhost_id);
ssl_die();
}
}
/* /*
* Configure a particular server * Configure a particular server
*/ */
@@ -613,6 +645,8 @@ void ssl_init_ConfigureServer(server_rec *s,
ssl_init_cipher_suite(s, p, ptemp, sc); ssl_init_cipher_suite(s, p, ptemp, sc);
ssl_init_crl(s, p, ptemp, sc);
SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA); SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH); SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
@@ -621,27 +655,6 @@ void ssl_init_ConfigureServer(server_rec *s,
SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState); SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState);
} }
/*
* Configure Certificate Revocation List (CRL) Details
*/
if (sc->szCARevocationFile || sc->szCARevocationPath) {
ssl_log(s, SSL_LOG_TRACE,
"Init: (%s) Configuring certificate revocation facility",
vhost_id);
sc->pRevocationStore =
SSL_X509_STORE_create((char *)sc->szCARevocationFile,
(char *)sc->szCARevocationPath);
if (!sc->pRevocationStore) {
ssl_log(s, SSL_LOG_ERROR|SSL_ADD_SSLERR,
"Init: (%s) Unable to configure X.509 CRL storage "
"for certificate revocation",
vhost_id);
ssl_die();
}
}
/* /*
* Configure server certificate(s) * Configure server certificate(s)
*/ */