www/apache
www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-06-04 21:42:15 +03:00
Code
12,714 Commits 62 Branches 297 Tags
Commit Graph

652 Commits

Author SHA1 Message Date
Joe Orton
670b834207 * modules/ssl/ssl_engine_log.c (ssl_log_annotation): const-ify more. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102943 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-12 17:14:28 +00:00
William A. Rowe Jr
ce9d647ae5 Pick up mod_status.h 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102938 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-11 20:19:24 +00:00
Joe Orton
ddecd8ab9e * modules/ssl/ssl_engine_log.c (ssl_log_annotate, ssl_log_annotation, 
ssl_log_ssl_error): const-ify annotation strings and simplify
ssl_log_annotation.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102927 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-10 21:54:17 +00:00
Joe Orton
15e2a44274 Fix use of mod_ssl as a DSO linked against static SSL libraries; also 
stop linking all of support/* against the SSL libraries:

* acinclude.m4 (APACHE_MODULE): Define MOD_FOO_LDADD which each
module .la library will be linked against.
(APACHE_MODPATH_ADD): Link static modules against the provided libraries.
(APACHE_CHECK_SSL_TOOLKIT): Put SSL libraries in SSL_LIBS and export
that to config_vars.mk.

* support/Makefile.in: Link ab against SSL_LIBS.

* modules/ssl/config.m4: Add SSL_LIBS and distcache libraries to
MOD_SSL_LDADD.

PR: 17217


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102870 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-06 16:47:41 +00:00
Bradley Nicholes
74c5908625 Allow the enabled flag to be set to more than just TRUE or FALSE so that 
the OPTIONAL flag can be correctly merged within the
ssl_config_server_merge() function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102860 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-05 02:44:40 +00:00
Bradley Nicholes
344ea84d8e Allow the enabled flag to be set to more that just TRUE or FALSE so that 
the OPTIONAL flag is correctly merged within the
ssl_config_server_merge() function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102859 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-05 02:41:39 +00:00
Joe Orton
1c5889d105 * modules/ssl/ssl_engine_init.c (ssl_init_Engine): Log the OpenSSL 
error stack contents if engine load/init fails.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102857 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 22:00:25 +00:00
Joe Orton
f205725d2e * modules/ssl/ssl_engine_log.c (ssl_log_ssl_error): Use %lu to print 
an unsigned long.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102856 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 21:54:09 +00:00
Joe Orton
4c36ea2ab5 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup, 
ssl_var_lookup_ssl_cipher): Use apr_itoa instead of psprintf %d.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102855 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 20:44:13 +00:00
Joe Orton
919194363c * modules/ssl/ssl_engine_vars (ssl_var_lookup): const'ify result and 
drop a bunch of casts; use apr_table_get directly in place of
ssl_var_lookup_header.
(ssl_var_lookup_header): Remove function.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102854 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 20:39:53 +00:00
Joe Orton
0015ef74b5 * modules/ssl/ssl_engine_vars (ssl_var_lookup): Optimise such that 
lookup of SSL_* variables (the common case) requires 2 rather than 29
strcasecmp calls before getting to ssl_var_lookup_ssl().


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102851 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 13:42:09 +00:00
Joe Orton
0f7f4106a3 * modules/ssl/mod_ssl.h: Declare ssl_is_https optional function. 
* modules/ssl/ssl_engine_vars (ssl_is_https): New function.
(ssl_var_register): Register it.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102850 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 13:06:54 +00:00
Joe Orton
3f58695141 * modules/ssl/ssl_engine_vars (ssl_var_lookup): Fix potential 
segfaults if called with r=NULL, c!=NULL, spotted by Andr��.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102849 13f79535-47bb-0310-9956-ffa450edef68
 2004-03-04 07:59:30 +00:00
Joe Orton
e878bf757b * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable, 
ssl_io_filter_error): Clear the SSL * pointer in the SSLConnRec too.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102819 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-29 00:29:20 +00:00
Joe Orton
dd2b6c2bf8 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): Simplify 
to use apr_pstrmemdup.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102815 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-28 23:03:15 +00:00
Joe Orton
eb78a22c85 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn): For a DN 
which includes several RDNs with the same OID, allow lookup of any
particular RDN using an "_<n>" suffix on the name.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102813 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-28 22:56:01 +00:00
Joe Orton
3ca3524c31 Move mod_ssl-internal interfaces into ssl_private.h; allow mod_ssl.h 
to be included even when mod_ssl is not enabled.

* Makefile.in (install-include): Only install mod_ssl.h.

* modules/ssl/ssl_private.h: New file.

* modules/ssl/mod_ssl.h: Move everything apart from than the optional
hook definitions into ssl_private.h.

* modules/ssl/*.c: Include ssl_private.h not mod_ssl.h

* modules/ssl/config.m4: Always add the mod_ssl directory to the
include path so other modules can find mod_ssl.h.

* modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional
hook definitions rather than copy'n'pasting them.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102803 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-28 18:06:35 +00:00
Joe Orton
3b3113012f Relicense. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102799 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-28 11:55:46 +00:00
Madhusudan Mathihalli
48c38a4533 Send the 'Close Alert' message to the peer upon closing a SSL session. This 
required creating a new EOC (End-Of-Connection) bucket type to notify mod_ssl
that the connection is about to be closed.


Reviewed by: Joe Orton, Justin Erenkrantz


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102793 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-28 00:45:26 +00:00
Joe Orton
0e34b8f5f4 * modules/ssl/ssl_engine_io.c (ssl_io_filter_disable): Don't leak an 
SSL structure for each plain-HTTP-on-SSL-port request.

PR: 27106


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102770 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-25 10:54:29 +00:00
Joe Orton
825005a089 * modules/ssl/ssl_engine_pphrase.c (ssl_pphrase_Handle): Wording 
tweaks.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102747 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-22 10:27:21 +00:00
Joe Orton
ba689780fa * modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_init): Use an 
anonymous shm segment by default or fall back on name-based shm.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102746 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-22 10:23:01 +00:00
Joe Orton
1609950077 * modules/ssl/ssl_engine_pphrase.c: Note that the ERR_clear_error() 
call is not merely a cosmetic fix in light of PR 21160.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102628 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-10 12:17:44 +00:00
André Malo
a688f06b19 fix name of The Apache Software Foundation 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102618 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-09 20:31:03 +00:00
André Malo
0b6155c539 fix copyright dates according to the first check in 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102573 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-08 12:52:25 +00:00
André Malo
4f02cb1e18 apply Apache License, Version 2.0 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102525 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-06 22:58:42 +00:00
Justin Erenkrantz
a91a2e172b We need the SSL module dir in our path in order to compile mod_ssl. 
Otherwise, we can't find mod_ssl.h.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102515 13f79535-47bb-0310-9956-ffa450edef68
 2004-02-05 17:54:30 +00:00
Joe Orton
812f43e569 * modules/ssl/ssl_engine_io.c (ssl_io_filter_output): Use non-blocking 
bucket reads whilst data remains available; flush when a read returns
EAGAIN.  Fixes streaming nph- CGI scripts over SSL.

PR: 21944
Inspired by: Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102397 13f79535-47bb-0310-9956-ffa450edef68
 2004-01-23 16:50:24 +00:00
Joe Orton
faf133a577 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl): Fix segfault if 
SSL_get_session() returns NULL.

PR: 15057
Submitted by: Otmar Lendl (lendl@nic.at)


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102281 13f79535-47bb-0310-9956-ffa450edef68
 2004-01-12 10:51:44 +00:00
Joe Orton
223c481ae9 * modules/ssl/ssl_scache_dc.c: Add the Apache Software License. 
* modules/ssl/mod_ssl.h: Undo accidental comment change in previous
commit.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102228 13f79535-47bb-0310-9956-ffa450edef68
 2004-01-08 16:40:18 +00:00
Joe Orton
3c52d23027 Add support to mod_ssl for a distributed session cache using 
distcache.

* LAYOUT: Update for removal of scache_shmht and addition of scache_dc.

* modules/ssl/config.m4: Check for libdistcache; build ssl_scache_dc.lo.

* modules/ssl/mod_ssl.dsp: Build ssl_scache_dc (with luck).

* modules/ssl/mod_ssl.h: Add SSL_SCMODE_DC and scache_dc_* prototypes.

* modules/ssl/ssl_engine_config.c (ssl_cmd_SSLSessionCache): Allow
use of dc: argument.

* modules/ssl/ssl_scache_dc.c: New file.

* modules/ssl/ssl_scache.c (ssl_scache_init, ssl_scache_kill,
ssl_scache_store, ssl_scache_retrieve, ssl_scache_remove,
ssl_ext_status_hook): Hook into scache_dc.

Submitted by: Geoff Thorpe <geoff@geoffthorpe.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102227 13f79535-47bb-0310-9956-ffa450edef68
 2004-01-08 16:26:53 +00:00
André Malo
fb07607180 update license to 2004. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102135 13f79535-47bb-0310-9956-ffa450edef68
 2004-01-01 13:26:26 +00:00
Martin Kraemer
28bd9fb514 We need the error strings loaded as early as possible 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102067 13f79535-47bb-0310-9956-ffa450edef68
 2003-12-15 14:30:12 +00:00
Jeff Trawick
970faa2d6a get mod_ssl.dsp to load again 
(we *x weenies have to be careful :) )


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102062 13f79535-47bb-0310-9956-ffa450edef68
 2003-12-15 11:35:34 +00:00
Joe Orton
4de16bd525 Fix format string warnings from gcc on amd64: 
* modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_store):
Print apr_size_t using APR_SIZE_T_FMT.

* modules/ssl/ssl_engine_io.c (ssl_filter_write): Print difference
between sizes using APR_SSIZE_T_FMT, apr_size_t using APR_SIZE_T_FMT.

* modules/proxy/proxy_http.c (ap_proxy_http_request): Print
apr_uint64_t using APR_UINT64_T_HEX_FMT.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102037 13f79535-47bb-0310-9956-ffa450edef68
 2003-12-12 12:36:50 +00:00
Joe Orton
2dbba35cc6 * modules/ssl/mod_ssl.h: Remove prototypes for shmht. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101900 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-26 09:34:15 +00:00
Joe Orton
e2e8cc8e79 Extend mod_status output to include SSL session cache status 
information:

* modules/ssl/mod_ssl.c (ssl_hook_pre_config): Call
ssl_scache_status_register.

* modules/ssl/ssl_scache.c (ssl_scache_status): Removed function.
(ssl_ext_status_hook): Renamed from ssl_ext_ms_display: switch to
2.1's mod_status "status_hook" API.
(ssl_scache_status_register): Register optional hook.

* modules/ssl/ssl_scache_dbm.c (ssl_scache_dbm_status): Adjust to use
new API.

* modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_status): Adjust
to use new API.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101889 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 16:59:10 +00:00
Joe Orton
9ddbb80f51 Remove shmht session cache in favour of shmcb; shmht has had 
data corruption bugs since being apr_rmm'ified.

* config.m4, mod_ssl.dsp: Don't build ssl_util_table and
ssl_scache_shmht.

* ssl_util_table.h, ssl_util_table.c, ssl_scache_shmht.c: Removed
files.

* mod_ssl.h (SSLModConfigRec): Use a void * pointer for storing
the scache-specific data.

* ssl_engine_config.c (ssl_cmd_SSLSessionCache): Treat shmht: as
shmcb:.

* ssl_scache.c: Remove shmht hooks throughout.

* ssl_scache_shmcb.c: Remove casts to use the table_t * pointer as a
void *.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101888 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 15:46:37 +00:00
Joe Orton
c665770e7c * modules/ssl/ssl_engine_vars.c (ssl_var_log_handler_x): Fix 
unused variable from previous commit.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101881 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 13:16:10 +00:00
Joe Orton
7aa9696571 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup): Only call 
ssl_var_lookup_ssl for a real SSL connection; fix lookup of "HTTPS"
for non-SSL connections.
(ssl_var_log_handler_x): Give results for non-SSL connections too;
e.g. %{HTTPS}x does the right thing.

PR: 23956


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101880 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 13:10:09 +00:00
Joe Orton
5bd9d41311 * modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_version): 
Determine the library version string at run-time rather than at
compile-time.

Submitted by: Eric Seidel <eseidel@apple.com>
PR: 23956


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101879 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 12:46:32 +00:00
Joe Orton
2c999f855a * modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs): Fail early 
(rather than segfault later) if a client cert is configured which is
missing either the certificate or private key.

PR: 24030


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101878 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-25 12:35:45 +00:00
Justin Erenkrantz
c02dcf4c02 Sync with APR-util deprecated functions. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101789 13f79535-47bb-0310-9956-ffa450edef68
 2003-11-16 02:22:25 +00:00
Joe Orton
1a97fbae07 * ssl_engine_log.c (ssl_log_ssl_error): Use the thread-safe 
interface for retrieving error strings.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101625 13f79535-47bb-0310-9956-ffa450edef68
 2003-10-30 12:15:28 +00:00
Joe Orton
ae0cef9c80 Fix missing human-readable error information in SSL log messages: 
* mod_ssl.c (ssl_cleanup_pre_config): Don't free the error strings,
since they can't be loaded again once.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101624 13f79535-47bb-0310-9956-ffa450edef68
 2003-10-30 12:07:06 +00:00
Joe Orton
0917d6edc8 * modules/ssl/ssl_engine_vars.c (ssl_var_log_handler_c): Fix 
segfault on a non-SSL request.

PR: 22741
Submitted by: Gary E. Miller <gem@rellim.com>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101534 13f79535-47bb-0310-9956-ffa450edef68
 2003-10-23 13:12:38 +00:00
Joe Orton
bc1c3f3d88 Fix a cosmetic issue where OpenSSL 0.9.7 will dump the error stack 
during pass phrase entry.

* ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the OpenSSL error
stack before reading the private key.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101515 13f79535-47bb-0310-9956-ffa450edef68
 2003-10-22 15:04:11 +00:00
William A. Rowe Jr
bfc7b8e373 SSL-C doesn't declare the char* file arg const, so we shouldn't either. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101303 13f79535-47bb-0310-9956-ffa450edef68
 2003-09-22 19:26:21 +00:00
Jim Jagielski
a2c6b81c28 These silent errors have bitten me a few times, now that we 
use APR'd dbm. mod_ssl had hacked sdbm for larger sizes.

PR:
Obtained from:
Submitted by:
Reviewed by:


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101214 13f79535-47bb-0310-9956-ffa450edef68
 2003-09-10 14:21:12 +00:00
William A. Rowe Jr
bea15a2e01 Simplify includes - we always (in HTTPD 2.1 forward) are looking 
for the openssl/foo.h headers explicitly.  Fix the abs.dsp build
  to define HAVE_OPENSSL instead of USE_SSL so the correct headers
  are included upfront.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101195 13f79535-47bb-0310-9956-ffa450edef68
 2003-09-08 16:03:49 +00:00