www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

Add Configuration for trusted OCSP responder certificates

Browse Source 
Fix for PR 46037


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1781575 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jean-Frederic Clere
2017-02-03 16:19:17 +00:00
parent 6b7f4310e7
commit f6146b725c
7 changed files with 161 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
modules/ssl/ssl_engine_init.c
View File

@@ -1762,6 +1762,12 @@ apr_status_t ssl_init_ConfigureServer(server_rec *s,
!= APR_SUCCESS) {
return rv;
}
/* Initialize OCSP Responder certificate if OCSP enabled */
#ifndef OPENSSL_NO_OCSP
ssl_init_ocsp_certificates(s, sc->server);
#endif
}
sdc->proxy->sc = sc;
@@ -2061,6 +2067,12 @@ apr_status_t ssl_init_ModuleKill(void *data)
sc = mySrvConfig(s);
ssl_init_ctx_cleanup(sc->server);
/* Not Sure but possibly clear X509 trusted cert file */
#ifndef OPENSSL_NO_OCSP
sk_X509_pop_free(sc->server->ocsp_certs, X509_free);
#endif
}
#if OPENSSL_VERSION_NUMBER >= 0x10100000L