- Remove tags in ssl_log_ssl_error() and ssl_log_cert_error()
- Instead add tags to various ssl_log_xerror, ssl_log_cxerror
calls (ssl_log_rxerror is unused).
- likewise for modssl_proxy_info_log()
- Fix spelling of APLOG_NOERRNO in coccinelle script
- add support for ssl_log_*error and ap_log_cserror
- add some more tags missing due to APLOG_NOERRNO spelling error
- Remove tags from example modules (we don't want people to blindly copy
those)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1211680 13f79535-47bb-0310-9956-ffa450edef68
Remove some log message tags from ap_log_* calls that log lots of
different error messages, in particular the config parsing errors.
Not sure how we should handle those.
ssl_util.c: Downgrade some dynamic locking messages from level DEBUG
to TRACE1-3
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1210252 13f79535-47bb-0310-9956-ffa450edef68
situations. Use them in most places where malloc, and friends are used.
This results in clean error messages in an out of memory situation instead of
segfaulting or silently malfunctioning. In some places, it just allows to
remove some logging code.
PR 51568, PR 51569, PR 51571.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1172686 13f79535-47bb-0310-9956-ffa450edef68
after support for non-OpenSSL toolkits has been dropped.
Replace macros by their value proper where feasible, and keep
those definitions in ssl_private.h which depend on specific
OpenSSL versions.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1154687 13f79535-47bb-0310-9956-ffa450edef68
to be included even when mod_ssl is not enabled.
* Makefile.in (install-include): Only install mod_ssl.h.
* modules/ssl/ssl_private.h: New file.
* modules/ssl/mod_ssl.h: Move everything apart from than the optional
hook definitions into ssl_private.h.
* modules/ssl/*.c: Include ssl_private.h not mod_ssl.h
* modules/ssl/config.m4: Always add the mod_ssl directory to the
include path so other modules can find mod_ssl.h.
* modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional
hook definitions rather than copy'n'pasting them.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68
type overrides;
MODSSL_CLIENT_CERT_CB_ARG_TYPE
MODSSL_PCHAR_CAST (for a host of non-void/const sslc values)
modssl_read_bio_cb_fn (for several callbacks with same prototypes)
Declare callback functions appropriately.
And protect us from indetermineant toolkits with
#error "Unrecognized SSL Toolkit!"
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@99183 13f79535-47bb-0310-9956-ffa450edef68
SSLEngine upgrade so that we can begin and continue to support these
facilities. This makes it simpler to keep this effort (while we have
no known clients that support Connection: upgrade at this time), and
begin refactoring more of SSL into smaller and tighter (and then optional)
components.
Submitted by: Ryan Bloom
Reviewed by: William Rowe, Joe Orton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97912 13f79535-47bb-0310-9956-ffa450edef68
Also, uncomment a line of code that the last commit should have uncommented.
Randall found this line and the fix, but I forgot to uncomment this line
along with the fix.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97179 13f79535-47bb-0310-9956-ffa450edef68
expected by OpenSSL? Right now I've left it as _DEFAULT for the platform
preference. Very simple code really - the server_rec was superfluous.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95497 13f79535-47bb-0310-9956-ffa450edef68
This is admittedly rather ugly code to come up with a unique 4-byte
identifier for the thread. Since our threads are pthreads and a pthread
maps 1:1 to a TCB, the address of the TCB is sufficient. Yes, every
TCB sees a different piece of real storage mapped to the first page,
so the code does make sense.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95016 13f79535-47bb-0310-9956-ffa450edef68
in the gprof profile. there's no need for the "global" SSLModConfigRec
to live in the s->process->pool userdata table. we now just point the
SSLSrvConfigRec in each server_rec.module_config to the SSLModConfigRec
so we can access it directly which is much faster.
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92234 13f79535-47bb-0310-9956-ffa450edef68
thread mutex routines for when we don't have APR_HAS_THREADS.
Submitted by: Justin Erenkrantz
Reviewed by: Aaron Bannert
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@92061 13f79535-47bb-0310-9956-ffa450edef68
