www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

mod_ssl: follow up to r1781575

Browse Source 
Fix SSLOCSPNoVerify merging, and while at it capitalize Verify as suggested
by wrowe.



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1788430 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yann Ylavic
2017-03-24 12:40:27 +00:00
parent 3555d2d597
commit cee2df66f0
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/ssl/mod_ssl.c
View File

@@ -265,7 +265,7 @@ static const command_rec ssl_config_cmds[] = {
"Proxy URL to use for OCSP requests")
/* Define OCSP Responder Certificate Verification Directive */
SSL_CMD_SRV(OCSPNoverify, FLAG,
SSL_CMD_SRV(OCSPNoVerify, FLAG,
"Do not verify OCSP Responder certificate ('on', 'off')")
/* Define OCSP Responder File Configuration Directive */
SSL_CMD_SRV(OCSPResponderCertificateFile, TAKE1,

4
modules/ssl/ssl_engine_config.c
View File

@@ -147,7 +147,7 @@ static void modssl_ctx_init(modssl_ctx_t *mctx, apr_pool_t *p)
mctx->proxy_uri = NULL;
/* Set OCSP Responder Certificate Verification variable */
mctx->ocsp_noverify = FALSE;
mctx->ocsp_noverify = UNSET;
/* Set OCSP Responder File variables */
mctx->ocsp_verify_flags = 0;
mctx->ocsp_certs_file = NULL;
@@ -1721,7 +1721,7 @@ const char *ssl_cmd_SSLOCSPProxyURL(cmd_parms *cmd, void *dcfg,
}
/* Set OCSP responder certificate verification directive */
const char *ssl_cmd_SSLOCSPNoverify(cmd_parms *cmd, void *dcfg, int flag)
const char *ssl_cmd_SSLOCSPNoVerify(cmd_parms *cmd, void *dcfg, int flag)
{
SSLSrvConfigRec *sc = mySrvConfig(cmd->server);

2
modules/ssl/ssl_engine_ocsp.c
View File

@@ -184,7 +184,7 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
if (rc == V_OCSP_CERTSTATUS_GOOD) {
/* Check if OCSP certificate verification required */
if (!sc->server->ocsp_noverify) {
if (sc->server->ocsp_noverify != TRUE) {
/* Modify OCSP response verification to include OCSP Responder cert */
if (OCSP_basic_verify(basicResponse, sc->server->ocsp_certs, X509_STORE_CTX_get0_store(ctx),
sc->server->ocsp_verify_flags) != 1) {

2
modules/ssl/ssl_private.h
View File

@@ -815,7 +815,7 @@ const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, int flag);
const char *ssl_cmd_SSLOCSPProxyURL(cmd_parms *cmd, void *dcfg, const char *arg);
/* Declare OCSP Responder Certificate Verification Directive */
const char *ssl_cmd_SSLOCSPNoverify(cmd_parms *cmd, void *dcfg, int flag);
const char *ssl_cmd_SSLOCSPNoVerify(cmd_parms *cmd, void *dcfg, int flag);
/* Declare OCSP Responder Certificate File Directive */
const char *ssl_cmd_SSLOCSPResponderCertificateFile(cmd_parms *cmd, void *dcfg, const char *arg);